It's  ComNet  time 


Sprint  Foundty,  NetScout  and  others  ready  new  products  and  services  for  display  at  the 
26th  edition  of  the  network  industry  conference.  PAGE  12 
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BY  DEBORAH  RAOCUFF 

Your  PCs  are  locked  down. 

Desktop  security  policies  are  centrally  managed  and  enforced.  Anti-virus  and 
personal  firewalls  run  on  every  desktop,  laptop  and  gateway.  Then  a  user 
downloads  something  from  the  Web.  Maybe  it’s  a  cool  new  freeware  program  or 
an  upgraded  media  player.  Along  with  that  program,  the  user  has  unknowingly 
loaded  executable  files  that  open  a  peer-to-peer  connection  and  broadcast 
personal  use  data  to  some  unknown  location  on  the  Web.  That  PC  has  just 
been  infected  with  spyware,  a  class  of  software  that’s  so  poorly  written  and  so 
invasive  that  it’s  opened  a  whole  new  set  of  security  and  performance 
concerns  for  network  and  security  executives.  In  this  story,  we  outline  the 
spyware  threat  and  show  you  how  to  combat  the  problem. 
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Next  EDI’ 
gains  key 
proponent 


■  BY  ANN  BEDNARZ 

A  major  commitment  from  the 
Department  of  Defense  is  ex¬ 
pected  to  give  a  critical  boost  to  a 
Web-based,  business-to-business 
communications  framework  that 
supporters  call  the  next  EDI. 

The  framework  is  called  elec¬ 
tronic  business  using  XML 
(ebXML)  and  has  been  under 
development  through  a  United 


Nations-backed  effort  since  1999. 
While  ebXML  has  gained  some 
momentum  overseas,  it  has  yet  to 
catch  on  as  a  requirement  for 
doing  business  in  the  U.S. 

But  now  the  Defense  Depart¬ 
ment  is  adopting  ebXML  as  a 
common  format  for  transac¬ 
tions  conducted  via  its  EMALL 
online  procurement  portal, 
from  which  military  personnel 
See  EbXML,  page  16 


A  Wider  Net 


Someone  has  to  do  it 


Grids  moving  beyond  science 


■  BY  JENNIFER  MEARS 

A  few  years  ago,  Daniel  Kaberon 
never  would  have  considered  de¬ 
ploying  any  of  his  applications  on 
a  grid-computing  environment. 
Now  he  can’t  imagine  life  without 


the  distributed  technology 
Today,  Hewitt  Associates,  a 
Lincolnshire.Ill., human  resources 
consulting  and  outsourcing  firm 
where  Kaberon  is  director  of 
computer  resource  management, 
is  running  an  application  that  cal¬ 


culates  pension  benefits  on  a  grid 
of  Linux-based,  two-processor,  2.8- 
GHz  blades  from  IBM. 

Kaberon  says  the  grid,  which 
was  put  into  production  last  fall, 
has  reduced  costs  associated  with 
each  calculation  by  more  than 
90%  by  moving  the  processor¬ 
intensive  application  off  the  main¬ 
frame  and  onto  less-expensive 
blade  servers.  “And  we  improved 
the  performance  of  the  applica¬ 
tion  demonstrably  he  says. 

Kaberon  already  has  plans  to 
put  another  application  on  the 
grid  and  says  he  expects  other 
applications  to  follow. 

See  Grid,  page  66 


a  snopping  site  to  a  political 
advocacy  page. The  room 
they’re  in  could  be  mistaken 
for  an  Internet  cafe  in  any  big 

See  Pornography,  page  18 


They  get  paid 
to  view  porn  so 
you  don't  see  it. 

■  BY  LINDA  LEUNG 


Warning:  The  contents  of 
this  story  are  not  for  the 
delicate  of  constitution. 

The  flickering  screen 
shows  a  crude  picture  of  a 
naked  woman. The  twenty¬ 
something  woman  who’s 
viewing  it  looks  slightly 
bored,  as  though  she's  seen 
the  same  image  hundreds  of 
times  before. 

The  guy  sitting  next  to  her  is 
perusing  a  gambling  Web  site, 
while  a  colleague  sitting 
opposite  her  is  clicking  from 
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Great  Moments  at  Work. 


Introducing  the  new  Microsoft  Office  System. 

Now  users  can  do  more  for  themselves  so  you  can  focus 
on  the  important  things.  More  than  just  the  core  suite 
you're  familiar  with,  the  new  Microsoft®  Office  System  is 
an  integrated  system  of  easy-to-use,  expanded  programs, 
servers,  services,  and  solutions  that  help  end  users  be 
more  self-sufficient.  With  Microsoft  Office  Professional 
Edition  2003,  Microsoft  Windows®  SharePoint™  Services, 
and  Microsoft  Office  SharePoint  Portal  Server  2003,  end 
users  will  have  the  ability  to  create  and  manage  their 
own  team  work  spaces.  So  not  only  will  they  be  able 
to  collaborate  and  share  information  easily  and  more 
securely,  but  you'll  be  free  to  do  what  you  really  need  to 
do.  To  find  out  how  the  Microsoft  Office  System  can 
work  for  you,  go  to  microsoft.com/officelT 


Microsoft  More  than  what  it  used  to  be,  it's  now  a 

Office  System  comprehensive,  customizable  system. 


Servers 


Programs 

Access  2003 
Excel  2003 
FrontPage®  2003 
InfoPath™  2003 
OneNote™  2003 
Outlook®  2003 


PowerPoint®  2003 
Project  2003 
Publisher  2003 
Visio®  2003 
Word  2003 


Project  Server  2003 

Live  Communications 
Server  2003 

Exchange 
Server  2003 

SharePoint™  Portal 
Server  2003 


Services 

Live  Meeting 
Office  Online 

Solutions 

Solution  Accelerators 


Enabling  Technologies: 

Windows  Server™  2003,  Windows®  SharePoint  Services, 
Rights  Management  Services 
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12:37  pm  No  one  asks  for  help  with 
setting  up  a  sales  team  web  site. 
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Read  the  IT  chart.  You’ve  got  serious  problems. 

Porn  may  be  the  most  visible,  but  it’s  only  one  of  your  worries.  See  more  clearly  with  Websense  Enterprise® 
the  most  comprehensive  solution  for  protecting  your  network  from  threats  that  appear  as  employee  computing  and 
the  Internet  converge.  You  don’t  have  to  rely  on  20/20  hindsight. 

For  a  free  white  paper  on  Emerging  Threats  in  Employee  Computing 
or  to  assess  your  risks  visit  www.websense.com/checkup. 
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William  Lewi%yi{$  provost  and  CIO  at 
9  Arizona  Stats  University,  overcame  his  ini¬ 
tial  doubts  to  establish  a  good  relationship 
witb  the  Board  of  ftegents,  which  must 
approve  his  major  IT  purchases.  Page  56. 
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Spies  like  us  The  How  To's  of  Spyware:  How  to  avoid, 
detect  and  fight  back  against  the  insidious  programs.  Page  51. 
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PATCH  MANAGEMENT 
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UnuxWorld  2004  wrap-up 

If  you  missed  the  show  last  week,  get  caught  up  on  all  the  keynote  pre¬ 
sentations,  news  and  announcements  at  our  LinuxWorld  news  page. 

DocFinder:  9433 

Top  ISP  Report  -  November 

Is  your  ISP  measuring  up?  Find  out  with  our  Top  ISP  Report,  a  joint 
venture  between  Network  World  and  Ver Test's  Internet  BenchMark 
service. 

DocFinder:  9141 

Forum:  Adding  a  wireless  router 

A  reader  writes:  “When  adding  a  wireless  router  to  a  wired  network, 
where  is  the  safest  place  to  add  it?  Before  the  the  wired  router  or  after 
the  wired  router?"  Jump  in  and  share  your  thoughts. 

DocFinder:  9434 

|  Seminars  and  events 

Today’s  business  demands  more 
of  network  IT  managers 

Need  to  know  how  to  maximize  performance  from  current  applications, 
optimize  usage  of  available  bandwidth  and  integrate  operations  with  overall 
business  objectives?  Here's  February's  free  Network  World  Technology 
Tour  to  the  rescue.  Attend  "Network  Management:  The  New  Business 
Focus,"  and  master  the  secrets  of  success.  Upcoming  sessions  are  in 
New  York,  Atlanta,  Chicago  and  Santa  Clara. 

DocFinder:  9139 
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How  can  WPA  be  more  secure  than  WEP? 

Mohammed  asks  the  Wireless  Wizards:  "I  read  that  a  WPA 
implementation  in  a  SOHO  setting  doesn't  require  an  authenti¬ 
cation  server,  instead  a  mode  called  'pre-shared  key’  will  be 
used.  How  could  this  be  more  secure  than  WEP  since  it  can 
also  be  considered  a  pre-shared  key?"  DocFinder:  9435 
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Experts  blast  online  voting  system 

B  Four  computer  experts  are  urging  the  government  to  drop  plans 
to  let  U.S.  civilians  who  reside  overseas  cast  their  votes  online. The 
risks  associated  with  online  voting  can’t  be  eliminated  because  the 
Internet  and  PCs  are  inherently  unsecure,  say  the  researchers,  who 
were  asked  by  the  government  to  analyze  an  online  voting  system 
called  the  Secure  Electronic  Registration  and  Voting  Experiment 
(SERVE).  The  system  is  vulnerable  to  the  same  cyberattacks  that 
threaten  other  online  services,  including  viruses,  spoofing  and 
denial-of-service  attacks.“SERVE  is  called  an  experiment,  but  it  is  in 
fact  not  an  experiment,”  says  Barbara  Simons,  one  author  of  the  cri- 
tique.“There  are  not  paper  ballots,  there  is  no  way  to  verify  after  the 
fact  to  see  if  votes  were  correctly  received  and  tabulated.” 
Regardless  of  the  opinions,  the  Department  of  Defense  is  moving 
ahead  with  SERVE.The  system  could  be  used  for  a  primary  election 
as  early  as  next  month,  and  certainly  will  be  running  for  the 
November  presidential  elections  department  spokesman  says. 

AT&T  Wireless  on  the  block 

■  After  reporting  weak  fourth-quarter  earnings,  AT&T  Wireless  late  last  week  officially 
announced  the  company  is  considering  purchase  bids.  AT&T  Wireless  reported  a  net  loss 
of  $84  million  for  the  quarter  and  customer  churn  rate  at  3.3%.The  previous  quarter  the 
carrier  reported  customer  turnover  at  2.7%.  AT&T  Wireless  says  local  number  portability 
and  software  problems  contributed  to  the  company’s  disappointing  results  and  the 
board’s  decision  to  entertain  offers.  Reportedly  bids  are  coming  from  Cingular  Wireless, 
the  second-largest  wireless  carrier  in  the  U.S.,  NTT  DoCoMo,  Vodafone  and  Nextel.  AT&T 
Wireless  has  hired  financial  firms  Merrill  Lynch  and  Wachtell.Lipton, Rosen  &  Katz  to  help 
review  offers. 

New  report  sees  more  IT  spending 

■  The  IT  spending  dark  cloud  has  lifted,  according  to  a  report  from  Goldman  Sachs, 
which  reported  last  week  that  one-third  of  roughly  100  IT  executives  expect  spending  to 
accelerate  in  the  first  half  of  this  year. The  survey  shows  that  30%  of  respondents  now 
consider  their  long-term  annual  IT  spending  growth  rate  to  be  between  5%  and  10%, 
which  is  more  in  line  with  normal  annual  growth  rates  of  6%  or  8%.  Increased  interest 
in  technology,  such  as  database,  CRM  and  enterprise  portal  software,  indicate  IT  execu¬ 
tives  are  shifting  from  maintenance  to  recovery  mode.  While  anticipated  growth 
remains  single-digit  and  modest,  “nonetheless,  it  indicates  that  confidence  appears  to 
have  incrementally  improved,”  the  report  states. 
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*©*  Another  tech  bull  pun?  While  last  week’s  earnings  reports  weren’t 
perfect,  plenty  of  good  news  came  out  of  some  of  the  industry's  biggest  players,  fueling 
more  talk  of  a  tech  turnaround.  Lucent  posted  its  second  straight  quarterly  profit,  EMC 
swung  from  a  loss  in  last  year's  fourth  quarter  to  a  profit  this  time  around,  and  Microsoft 
topped  Wall  St,  expectations  on  both  earnings  and  revenue, 


Pick  on  someone 
your  own  size.  Mike  Rowe, 

a  17-year-old  student  from 
Vancouver,  thought  it  would  be 
catchy  to  name  his  fledgling  Web 
design  company  MikeRowesoft. 
com.  But  after  registering  the 
domain  name,  what  Rowe  caught 
was  flak  from  trademark  lawyers 
for  a  certain  software  company  in 
Redmond,  Wash.  After  the  story  received 
worldwide  attention  and  Rowe  received 

thousands  of  offers  for  legal  and  monetary  aid,  Microsoft  admitted  that  maybe  it  took 
things  too  seriously  and  said  it  is  working  out  a  compromise.  A 


NOAH  JONES 


®  Love-hate  relationship.  Roughly  one  in  three  adults  say  the  cell 
phone  is  the  invention  they  most  hate  but  cannot  live  without,  according  to  a  new 
Massachusetts  Institute  of  Technology  survey.  The  cell  phone  was  chosen  over  such 
other  inventions  as  the  alarm  clock  and  TV.  The  eighth  annual  Lemelson-MIT  Invention 
Index  study  surveyed  about  1,000  adults  and  500  teens  on  a  variety  of  topics. 


Intel.  Sample  quantities  of  chips  using  AS1  should  begin  shipping  early  next  year,  and 
boxes  built  with  them  are  likely  to  hit  the  market  later  that  year,  Intel  officials  said. 

Sawis  to  acquire  G&W  assets 

■  Sawis  Communications  is  set  to  acquire  Cable  &  Wireless  America’s  assets  for  $155 
million  and  the  assumption  of  about  $12.4  million  in  debt.  Sawis  offers  managed  IP  ser¬ 
vices  to  businesses  in  45  countries.  Late  last  week  the  U.S.  Bankruptcy  Court  for  the 
District  of  Delaware  concluded  a  two-day  auction  for  the  service  provider.  C&W  filed  for 
Chapter  1 1  bankruptcy  protection  in  early  December  after  striking  an  asset  purchase 
agreement  with  Gores  Technology  Seven  companies  bid  for  C&W  including  Gores,  XO 
Communication  and  a  handful  of  private  equity  companies,  including  DuPont  Fabros, 
Leucadia  National  and  Platinum  Equity.  Gores’  initial  bid  of  $125  million  wasn’t  enough. 

IBM  to  set  Eclipse  free 

■  The  open  source  Eclipse  group  is  being  spun  off  from  IBM.  At  its  EclipseCon  conference 
in  Anaheim, Calif.,  next  month,  the  consortium  plans  to  announce  that  it  has  restructured 
itself  into  a  nonprofit  organization,  with  a  new  board  of  directors  and  a  new  governance 
model  designed  to  encourage  other  industry  players  to  get  involved  in  the  project.  As  part 
of  the  restructuring, Skip  McGaughey  the  IBM  staffer  who  is  the  consortium’s  current  exec¬ 
utive  director,  will  step  down  from  his  position.The  newly  formed  Eclipse  board  will  select 
a  new  executive  director  —  one  who  is  not  from  IBM  —  within  the  next  few  weeks, 
McGaughey  says.  IBM  launched  the  Eclipse  project  two  years  ago,  hoping  that  it  would 
form  the  basis  of  an  industry  standard,  open  source  Java  development  platform.  IBM  has 
succeeded  in  encouraging  vendors  such  as  Borland  Software,  Oracle  and  SAP  to  build 
their  software  on  top  of  Eclipse. 


Standard  interconnect  gains  approval 

Si  Future  network  devices  such  as  switches  and  routers  could  meet  new  user  demands 
more  quickly  and  cost  less  after  the  completion  last  week  of  the  Advanced  Switching 
Interconnect  specification.  The  specification,  based  on  the  emerging  PCI  Express  inter¬ 
connect  for  PCs  and  servers,  is  designed  to  make  building  a  network  product  more  like 
creating  a  new  computer,  with  processors  and  other  components  from  third  parties  that 
all  can  communicate  with  each  other  in  the  same  language.  Currently  most  network  ven¬ 
dors  use  proprietary  interconnects,  missing  out  on  the  competition  and  economies  of 
scale  in  the  PC  and  server  businesses,  says  Allyson  Klein,  initiative  marketing  manager  at 


Former  GA  exec  pleads  guilty 

■  A  former  Computer  Associates  financial  executive  pleaded  guilty  last  week  to  charges 
of  accounting  fraud,  acknowledging  what  investigators  call  a  “widespread  practice’’ at  CA 
of  prematurely  booking  revenue  from  software  contracts  before  they  closed.  Lloyd 
Silverstein,  formerly  the  company’s  senior  vice  president  of  finance,  entered  the  plea  in 
U.S.  District  Court  in  Brooklyn.  He  left  CA  last  October, along  with  his  boss, CFO  Ira  Zar.and 
a  third  financial  executive, after  CA  admitted  an  internal  investigation  turned  up  evidence 
of  premature  bookings  during  its  2000  fiscal  year.  Silverstein  faces  financial  penalties  and 
up  to  five  years  in  prison. 


Time  is  money.  So  it’s  important  to  get  new  business  software  up  and  running  quickly.  Which  is  why  SAP  solutions  built  on  the  open 
SAP  NetWeaver  platform  make  so  much  sense.  Because  they’re  designed  with  fast  implementation  in  mind,  you  can  see  business  results  quickly. 
Visit  sap.com/speed  or  call  800  880  1727  to  see  how  fast  SAP  can  make  things  happen  for  your  company. 


©2004  SAP  AG  SAP  and  the  SAP  I090  are  trademarks  and  registered  trademarks  of  SAP  AG  in  Germany  and  several  other  countries. 
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linuxWorld:  Users  swap  strategies 


■  BY  PHIL  HOCHMUTH 

NEW  YORK  —  Stronger  Linux 
support  from  software  vendors 
and  the  ability  to  control  the 
open  source  software  is  spurring 
large  corporations  to  accelerate 
their  adoption  of  Linux,  accord¬ 
ing  to  users  who  spoke  last  week 
at  LinuxWorld  Expo  2004. 

While  vendors  from  IBM  to  Red 
Hat  displayed  their  latest  enter¬ 
prise-focused  Linux-based  hard¬ 
ware  and  software,  an  estimated 
crowd  of  11,000  descended  on 
the  Jacob  Javitz  Center  with 
many  users  talking  up  Linux  strat¬ 
egy  and  developments. 

At  Bank  of  America,  Linux  has 
gained  such  a  presence  that  the 


firm  now  has  an  IT  executive  ded¬ 
icated  to  the  technology. 

“Linux  is  one  of  those  technolo¬ 
gies  that  provides  the  proverbial 
white  sheet  of  paper;’  says  Tim 
Golden,  director  of  Linux  design 
and  engineering  at  Bank  of  Amer¬ 
ica  in  Charlotte,  N.C.  “Whereas 
many  legacy  technologies  can 
shackle  users,  Linux  [and  open 
source]  can  let  you 
break  that  cycle.” 

The  nation’s  largest 
bank  (in  terms  of  num¬ 
ber  of  branches)  uses 
Linux  extensively  for  its 
Web  servers,  and  appli¬ 
cations  such  as  Reuters’ 
information  delivery  The 
firm  also  is  looking  at 


Attendees  at  LinuxWorld  last  week 
heard  announcements  of  products 
that  keyed  in  on  management  and 
security. 


rehosting  its  Tivoli  network  man¬ 
agement  infrastructure  on  Linux 
and  migrating  some  Oracle  data¬ 
bases. 

“Any  application  that  can  run 
on  Linux,  we’ll  consider  it,” 
Golden  says. 

The  firm  takes  a  structured 
approach  to  Linux,  Golden  says.  IT 
staff  evaluate  and  audit  Linux  soft¬ 
ware  and  other  open  source  tools, 
such  as  Apache,  MySQL  databases 
and  Perl,  then  customizes  it  to 
meet  Bank  of  America’s  stan¬ 
dards.  Code  also  is  distributed  via 
Red  Hat’s  RPM  software  package 
management  and  delivery  tech¬ 
nology  This  has  contributed  to  a 
reduction  in  operational  and 
See  LinuxWorld,  page  14 


Lab  test  gives  most  IPS  products  high  marks 


■  BY  ELLEN  MESSMER 

A  comprehensive  lab  evaluation  of  six  intrusion-preven¬ 
tion  systems  that  automatically  block  attacks  suggests  IPS 
is  ready  for  enterprise  use  despite  concerns  that  false  pos¬ 
itives  will  lead  to  the  blocking  of  legitimate  traffic. 

Network-equipment  evaluation  lab  NSS  Group  lobbed  a 
battery  of  high-speed  attack  and  evasion  tests  for  two 
weeks  at  network-based  IPS  appliances  from  Internet 
Security  Systems,  NetScreen  Technologies,  Network 
Associates,  TippingPoint  Technologies  and  Top  Layer  Net¬ 
works.  Separately,  NSS  tested  one  host-based  product, 
Entercept  from  Network  Associates.  All  but  NetScreen’s 
IDP-500  won  an  “approval”  rating  from  NSS. 

The  results  of  the  examination, among  the  first  of  its  kind, 
indicate  that  network-based  IPS  in  most  cases  performed 
flawlessly  or  near  flawlessly  —  and  network  managers 
should  abandon  exaggerated  worries  about  it.’These  tests 
verify  the  stability  of  the  IPS  device  under  various  extreme 
conditions,”  NSS  concluded,  adding, “The  group  of  tests  ver¬ 
ified  that  network  IPS  will  not  block  legitimate  traffic  and 
is  capable  of  detecting  and  blocking  a  wide  range  of  com¬ 


mon  exploits.” 

NSS  has  had  extensive  experience  testing  intrusion- 
detection  systems  (IDS), which, unlike  the  IPS  offerings, are 
limited  to  monitoring  for  attacks.  It  took  a  year  of  planning 
to  devise  the  test  methodology  for  its  first  IPS  evaluations, 
says  lab  director  Bob  Walder. 

“It’s  very  hard  to  establish  a  test  regimen  when  creating  a 
new  group  test  from  scratch,”  Walder  says. “There  is  strong 
justification  for  our  latest  test  methodologies  to  be  adopted 
as  de  facto  standards  when  testing  these  types  of  products.” 

NSS’  lab  used  Spirent  Communications’  network  perfor¬ 
mance  analysis  systems  SmartBits  SMB-6000  and  SMB-600 
to  test  IPS  at  up  to  multi-gigabit  speeds,  when  the  IPS  could 
handle  it. 

NSS  tested  for  load  balancing  of  IPS  and  used  the  Smart- 
Bits  SmartWindow  and  SmartFlow  features  to  generate 
background  traffic  for  the  64-  and  1,514-byte  tests.  Ava¬ 
lanche  and  Reflector  gear  from  Spirent  simulated  real- 
world  network  traffic  with  connection  speeds,  packet  loss 
and  browser  emulation.  This  helped  determine  perfor¬ 
mance  bottlenecks,  if  any  by  setting  up  Web,  FTP  and  other 
connections. 


NSS  tested  for  1  million  simultaneous  connections  at  up 
to  1G  bit/sec  while  throwing  hundreds  of  different  attacks 
at  each  IPS  appliance. 

The  results  can  be  obtained  in  a  300-page  report  at  the 
NSS  site  www.nss.co.uk. 

In  most  instances,  the  testing  found  IPS  held  its  own 
against  denial-of-service  attacks,  computer  worms,  evasion 
tactics  such  as  “Whisker”  and  other  types  of  attacks. 

“As  an  integral  part  of  the  network  fabric,  the  network  IPS 
device  must  perform  much  like  a  network  switch.  It  must 
meet  stringent  performance  and  reliability  requirements 
as  a  prerequisite  to  deployment,  since  very  few  customers 
are  willing  to  sacrifice  network  performance  and  reliabil¬ 
ity  for  security’  NSS  says. 

In  most  cases,  the  IPSs  passed  the  test.  However,  as  the 
report  notes,  there  were  a  few  instances  where  NSS  came 
up  with  an  attack  that  the  IPS  equipment  didn’t  expect, 
causing  a  failure  to  detect  the  attack.  NSS  gave  each  ven¬ 
dor  a  chance  to  update  its  equipment  for  the  new  attack 
within  24  hours  to  detect  and  stop  it.All  the  vendors  except 
NetScreen  managed  to  do  this,  according  to  the  report. 

Ajit  Sanchetti,  product  line  manager,  attributed  the  prob¬ 
lems  NetScreen’s  IPS  had  in  the  tests  to  the  fact  that 
NetScreen  had  submitted  beta  code  of  new  features.  “We 
had  some  bugs  that  caused  some  problems  in  attack  cov¬ 
erage  and  latency’  Sanchetti  says.  He  says  it  was  a  “tempo¬ 
rary  setback”  and  that  NetScreen  believes  it  has  fixed  the 
problems  and  is  eager  to  participate  in  future  NSS  tests. 

The  report  underscores  the  fact  that  the  IPS  equipment 
under  review  relies  on  knowledge  of  attacks  to  stop  them. 
That  means  that  while  IPS  can  respond  accurately  to 
known  attacks,  it’s  the  fear  of  unknown  attacks  that  might 
still  concern  users. 

However,  the  NSS  report  sums  up  why  network  managers 
should  consider  a  switch  from  IDSs  that  simply  monitor  to 
IPSs  that  block: “One  point  in  favor  of  IPS  when  compared 
with  IDS  is  that  because  it  is  designed  to  prevent  the  attack 
rather  than  just  detect  and  log  them,  the  burden  of  exam¬ 
ining  and  investigating  the  alerts  —  and  especially  the 
problem  of  rectifying  damage  done  by  successful  exploits 
—  is  reduced  considerably’ 

Network  World  next  month  plans  to  publish  a  test 
review  of  how  IPS  equipment  performs  in  live,  produc¬ 
tion  networks.  ■ 


IPS  scorecard 

How  intrusion-prevention  systems  scored  in  the  NSS  Group  test: 


Vendor 

Product 

Maximum 

speed* 

Assessment 

Internet  Security 
Systems 

Proventia  G200 

200M  bit/sec 

Did  well  in  detection  and  evasion  tests  but  as  the 
lowest-speed  model  was  limited  to  less  than  500,000 
simultaneous  connections. 

NetScreen 

IDP-500 

500M  bit/sec** 

Failed  to  achieve  “approved  status”  due  to  5%  failure 
to  recognize  attacks. 

Network  Associates 

IntruShield  4000 

1.8G  bit/sec 

Did  well  in  detection  and  evasion  tests  but  suffered 
some  latency. 

TippingPoint 

Technologies 

UnityOne  1200/2400 

1G  bit/sec 

Won  “top  approval"  rating  for  detection  and  evasion. 

Top  Layer 

Attack  Mitigator 

IPS  2400 

1G  bit/sec 

Did  well  in  detection  and  evasion  tests  but  limited  to 
maximum  500,0000  simultaneous  connections;  one 
series  of  tests  with  HTTP  maxed  at  750M  bit/sec. 

'  ’'jm  speed  attained  under  most  severe  test  loads. 

d  as  500M  bit/sec  device,  but  showed  increased  latency  and  dropped  traffic  at  250M  bit/sec. 


SIMPLE 


LOW  COST 


xpc 


SANS 


We  come  in  peace  to  rid  your  world 
of  costly,  complex  SANs. 


In  February,  2004,  the  world  will  know  what  is  behind  a  whole  new  generation  of  storage  networking 
technology.  Switches,  HBAs  and  solutions  that  make  simple,  low-cost  SANs  a  reality.  For  small, 
medium  and  global  enterprises.  With  dramatically  reduced  cost  and  complexity.  Out  of  this  world 
performance.  Simple,  point-and-click  management.  And  pervasive  interoperability. 


www.simplelowcostSANs.com 


Coming  February,  2004. 

Your  world  will  never  be  the  same. 


12 

NetworkWorld 

1/26/04 

News 

www.nwfusion.com 

ComNet  changes  focus  to  boost  show 


■  BY  TIM  GREENE,  DENISE 
DUBIE,  PHIL  HOCHMUTH,  AND 
DENISE  PAPPALARDO 

A  relocated,  scaled-down  Corn- 
Net  2004  opens  its  doors  this 
week  promising  practical  tips  for 
IT  executives,  as  well  as  product 
and  service  unveilings  from 
Foundry  Network,  NetScout, 
Quick  Eagle  and  Sprint. 

Once  a  premier  service-pro¬ 
vider  forum  that  packed  the  old 
Washington  Convention  Center, 
ComNet  has  only  76  exhibitors 
listed  on  its  Web  site,  down  from 
last  year’s  141.  Organizers  would 

C0MNET 

not  say  how  many  attendees  are 
registered,  but  acknowledge  that 
last  year’s  audience  of  16,000  was 
only  about  half  of  preconference 
projections.  The  show  is  spon¬ 
sored  by  IDG  World  Expo,  a  sister 
company  of  NetworkWorld. 

Now  in  its  26th  year,  the  show 
has  moved  two  blocks  to  the  new 
Washington  Convention  Center, 
and  its  focus  has  shifted  from  car¬ 
riers  to  corporate  networks,  as 
indicated  by  the  products  set  to 
debut.These  products  range  from 
high-speed  switching  hardware  to 
enterprise  routers  to  perfor¬ 
mance-management  gear. 

Among  the  educational  offer¬ 
ings  are  a  series  of  presentations 
called  30/60  sessions  that  prom¬ 
ise  30  tips  in  60  minutes.  Topics 
include  improving  the  efficiency 
of  remote  workers;  developing 
faster,  smarter,  better  IT  depart¬ 
ments;  and  what  government 
agencies  need  to  know  about  IP 

IT  innovators 

A  panel  of  innovative  IT  bosses 
will  share  experiences  gleaned 
from  ongoing  projects.  Among 
them  is  Rock  Regan,  CIO  for  the 
state  of  Connecticut,  who  will  talk 
about  plans  to  virtualize  servers. 
Historically  the  state  has  bought 
departments  the  biggest,  fastest 
servers  it  can  afford  when  needs 
arise,  figuring  that  over  time  they 
will  use  more  capacity  But  that 
strategy  leaves  actual  use  of  the 
servers  at  10%,  Regan  says.  He  will 
outline  efforts  to  make  better  use 
of  what  he  has  with  blade  servers 
and  virtualization  software. 

“We’re  looking  at  technology 
that  allows  us  to  create  virtual 
servers  and  almost  servers  on 
demand,”  he  says.  “We’re  looking 


to  say,  ‘How  can  we  consolidate 
resources  to  have  fewer  servers 
and  then  buy  capacity  only  when 
we  need  it?’“ 

Although  not  exhibiting  at  the 
conference,  Sprint  is  using  the 
show  to  launch  its  first  service 
based  on  Multi-protocol  Label 
Switching  (MPLS).  Last  July  the 
carrier  announced  its  intention 
to  support  the  technology  after 
long  denying  the  need  to  sup¬ 
port  it.  Sprint  says  it  will  not 
deploy  MPLS  in  the  core  of  its 
network,  although  it  acknowl¬ 
edges  that  customers  want  MPLS 
services  that  can  potentially  fully 
mesh  sites,  prioritize  traffic  and 
impose  quality  of  service  (QoS) 
on  different  traffic  types. 

“Sprint  is  losing  business  be¬ 
cause  it  doesn’t  have  an  MPLS 
offering,”  says  David  Willis,  senior 
analyst  at  Meta  Group.  “It  has 
become  a  check-off  item  in 
RFPs.” 

Sprint  initially  planned  to  roll 
out  an  MPLS  offering  by  the  end 
of  last  year. The  carrier  would  not 
offer  details  about  any  ComNet 
announcement.  Its  competitors 
AT&T,  Equant  and  MCI  already 
support  MPLS. 

Sprint  also  is  expected  to  an¬ 
nounce  a  remote  access  service 
based  on  SSL  technology  that 
Aventail  supports.The  service  will 
let  mobile  customers  with  Inter¬ 
net  access  and  Web  browsers  sec¬ 
urely  access  corporate  servers. 

The  attraction  of  such  a  service 
is  that  any  machine  with  a  Web 
browser  can  access  the  servers  as 
long  as  the  user  presents  valid 
authentication. This  is  seen  as  an 
alternative  to  IPSec  remote 
access  VPNs  for  many  users  who 
don’t  need  network-layer  access. 
The  SSL  service  eliminates  the 
need  to  install,  configure  and 
maintain  client  software.  It  also 
lets  users  access  networks  from 
non-corporate  machines  such  as 
at  partners’ sites  or  public  kiosks. 

Aventail  SSL  servers  sit  between 
corporate  sites  and  the  Internet 
and  proxy  authenticated  SSL  ses¬ 
sions.  Aventail  supports  similar 
services  for  other  carriers  includ¬ 
ing  AT&T,  ANXeBusiness,  Bell 
Canada,  IBM  Global  Services  and 
Infonet. 

Foundry  will  take  the  ComNet 
stage  to  launch  high-speed  hard¬ 
ware  that  supports  high-availabil¬ 
ity  links  to  large  data  centers  via 
its  Biglron  MG8  enterprise  switch¬ 
es.  Carrier  versions  of  the  new 
gear  can  support  uplinks  to  10G 
bit/sec  metropolitan-area  net¬ 


works  (MAN)  on  Foundry’s  Net- 
Iron  40G  carrier  chassis.The  com¬ 
pany  will  announce  a  10G  Ether¬ 
net  module  and  two  high-density 
Gigabit  Ethernet  modules  for  the 
two  switches. 

The  two-port  10G  Ethernet  card 
gives  customers  a  smaller,  less  ex¬ 
pensive  10G  option  for  Biglron 
MG8  and  Netlron  40G  chassis.  An 
earlier  card  had  four  ports. 

The  other  two  blades  being 
announced  are  40-port  Gigabit 
Ethernet  cards,  one  with  fiber 
interfaces  and  one  with  copper. 

In  corporations,  this  hardware 
is  targeted  at  large  data  centers 
or  scientific  and  research  clus¬ 
tering  applications.  In  carrier 
networks,  the  blades  could 
aggregate  gigabit  trunks  onto 
10G  MAN  backbones. 

The  two-port,  10G  blade  could 
be  used  to  support  failover  trunk¬ 
ing  to  10G  data-center  uplinks, 
says  Ken  Chang,  a  product  direc¬ 
tor  for  Foundry  “By  pairing  ports 
on  separate  blades  together,  one 
blade  can  fail,  and  you  would  still 
have  your  link.” 

All  Foundry  10G  Ethernet  mod¬ 
ules  are  based  on  the  XENPAC 
optical  standard  that  leaves  cus¬ 
tomers  the  option  of  configuring 
ports  for  either  short-  or  long-haul 
fiber.  The  blades  for  the  Biglron 
chassis  cost  $35,000.  Setting  up  a 
similar  configuration  using  the 
earlier  four-port  modules  would 
cost  more  than  $100,000. 

The  new  modules  each  come 
in  two  versions,  one  for  corpora¬ 
tions  and  one  for  carriers,  with 
the  carrier  version  having  twice 
the  memory  to  support  higher- 
scale  Border  Gateway  Protocol 
(BGP)  and  Open  Shortest  Path 
First  routing. 

The  40-port  Gigabit  Ethernet 
enterprise  modules  cost  $50,000 
for  fiber  and  $45,000  for  copper. 
The  carrier  versions  cost 
$55,000,  and  $50,000,  respective¬ 
ly  The  10G  enterprise  module 
costs  $35,000  and  the  carrier 
module  costs  $55,000. 

Spotlight:  Quick  Eagle 

Quick  Eagle  is  expected  to 
introduce  a  family  of  low-end  T-l 
routers  that  are  a  replacement 
and  upgrade  for  some  of  its 
branch-office  routers  that  it  says 
are  less  expensive  than  similar 
products  from  Cisco. 

The  new  product  family,  called 
the  4300  Access  Router  series 
includes  two  models  that  are  de¬ 
signed  to  compete  with  Cisco 
2600  series  routers.  Built  on  the 


same  chassis,  the  devices  differ 
in  the  number  of  Ethernet  ports 
they  have  and  software  options. 
They  lack  integration  with  Cisco 
management  and  other  Cisco 
products. 

The  4330T  comes  with  one 
10/100M  bit/sec  Ethernet  port,  a 
DSU/CSU  and  a  T-l  port.  Options 
include  turning  on  a  second  T-l 
port  that  ships  with  the  router,  as 
well  as  Differentiated  Services 
software  to  impose  QoS  on  traf¬ 
fic.  Other  options  are  support  for 
BGP4  routing  and  drop-and- 
insert  capabilities.  The  base 
price  is  $1,400. 

The  4335T  comes  with  two  10/ 
100M  Ethernet  ports  and  a  T-l 
port.  It  costs  $1,800  and  has  the 
same  options  as  the  4330T. 


Network  management  vendors 
also  plan  to  use  ComNet  to  show¬ 
case  new  wares  designed  to  bet¬ 
ter  manage  traffic  and  pinpoint 
performance  problems  in  con¬ 
verged  networks. 

Allot  Communications  will  un¬ 
veil  “monitoring-only”  options 
with  its  NetEnforcer  product  line, 
which  the  company  says  will  help 
network  managers  spot  bottle¬ 
necks  on  their  networks  without 
breaking  the  bank.  For  example, 
NetEnforcer’s  AC-202  appliance 
costs  $3,200  with  the  Monitoring 
option,  vs.  $5,500  for  the  same 
appliance  with  the  software  bun¬ 
dle  enabled. 

The  NetEnforcer  suite  was  built 
on  policy-based,  network  traffic- 
management  appliances  bun¬ 
dled  with  software  to  identify 
potential  performance,  band¬ 
width  and  security  problems. 
Now  the  monitoring-only  option 
unbundles  the  software,  letting 
customers  pick  just  the  software 
they  want.  The  appliance  can  be 
upgraded  remotely  by  Allot  if  cus¬ 
tomers  want  more  capabilities. 

The  NetEnforcer  AC-202  sup¬ 
ports  bidirectional  throughput 
speeds  up  to  10M  bit/sec.  The 
NetEnforcer  AC402  supports  bidi¬ 


rectional  throughput  speeds  up 
to  100M  bit/sec  with  pricing  start¬ 
ing  at  $8,000.  Allot’s  high-end 
NetEnforcer  AC-1000  series  sup¬ 
ports  bidirectional  throughput 
speeds  up  to  1G  bit/sec  with 
prices  starting  at  $32,000. 

Also  at  the  show,  NetScout  plans 
to  announce  upgrades  to  its  per¬ 
formance  management  software 
and  network  probes.  The  compa¬ 
ny  added  features  that  monitor 
the  performance  of  Citrix  in  con¬ 
verged  networks. 

NetScout’s  nGenius  Perform¬ 
ance  Manager  2.0.1  and  nGenius 
Probe  Firmware  6.0.1  now  pro¬ 
vide  visibility  into  the  perfor¬ 
mance  of  Citrix-served  applica¬ 
tions.  Citrix  Systems  provides  soft¬ 
ware  that  lets  client  devices  con¬ 


nect  to  and  run  applications 
loaded  on  Windows  NT/2000  or 
Unix  servers. 

Network  executives  can  central¬ 
ize  and  manage  applications  on 
groups  of  servers,  instead  of  on 
hundreds  or  thousands  of  indi¬ 
vidual  PCs. 

The  challenge  managing  appli¬ 
cations  delivered  via  a  Citrix- 
hosted  server,  NetScout  says,  is 
pinpointing  performance  prob¬ 
lems  among  the  applications. 
“Citrix  allows  IT  staff  to  centrally 
host  common  applications,  like 
Microsoft  Office,  which  is  an 
inexpensive  and  attractive  alter¬ 
native,”  says  Eileen  Haggarty,  a 
product  manager  at  NetScout. 
“But  once  the  apps  are  convert¬ 
ed  to  Citrix,  they  can  become  a 
black  hole  in  terms  of  perfor¬ 
mance  management.” 

The  new  features  will  let  net¬ 
work  managers  automatically 
monitor  Citrix  traffic  flows  to  see 
how  other  services  and  network 
changes  affect  performance.  Net¬ 
Scout  says  the  software  and  hard¬ 
ware  probes  also  can  distinguish 
between  network,  server  and 
application  performance  faults, 
ultimately  reducing  time  to  find 
and  fix  problems.  ■ 


fcfcWe’re  looking  to  say,  ‘How  can 
we  consolidate  resources  to  have 
fewer  servers  and  then  buy  capac¬ 
ity  only  when  and  if  we  need  it?’99 


Rock  Regan 

CIO,  State  of  Connecticut 


Server  blades  engineered  to  work 
across  complex  computing  environments. 


HP  ProLiant  server  blades,  powered  by  Intel'  Xeon™  processors,  are  designed  to  support  a  variety  of  robust  enterprise 
solutions,  including  SANs.  It  is  not  difficult  to  appreciate  the  architectural  excellence  of  the  new  HP  ProLiant  BL40p  and  BL20p  G2  server  blades 
They're  the  most  powerful,  flexible,  industry-standard  blades  for  business  today.  In  addition  to  meeting  your  company's  expanding  needs  for  server  capacity, 
they're  designed  with  SAN  connectivity  to  support  sophisticated  storage  environments  — easily,  reliably  and  affordably.  Combined  with  HP  ProLiant  Essentials 
software,  they  can  dramatically  reduce  deployment  time  and  help  maximize  productivity.  Which  means,  of  course,  your  business  saves  money.  Demand  more 
from  your  IT  systems.  Integrate  HP  ProLiant  server  blades  into  your  environment.  And  carry  your  business  to  a  stronger,  more  cost-effective  place. 


I  HP  ProLiant  BL20p  G2 

I  Up  to  two  Intel®  Xeon™  processors  DP  3.20GHz 

I"  Available  with  three  10/100/1000  NICs  and 
one  management  NIC  plus  dual  2Gb  fibre 
channel  mezzanine  card 

-  Up  to  8GB  DDR  memory 

*  Optional  Rapid  Deployment  Pack 
I  software  allows  for  quick  multi-server  deployment 


Complements  ProLiant 
server  blades 


HP  MODULAR  SMART 
ARRAY  1  000 


ProLiant  servers  and  the  MSA1000 
have  been  engineered  to  work 
better  together.  To  safely  migrate 
data  in  a  SAN  environment,  simply 
remove  ProLiant  drives  and  insert 
them  into  the  MSA1000. 


invent 


Demand  more  with  HP  ProLiant  server  blades.  Download  IDC's  white  paper,  "Enabling  Business  Agility  Through 
Server  Blade  Technology"  at  wvAM.hp.com/go/proliantl5  or  dial  1-800-282-6672,  option  5  and  mention  code  AKWY. 


Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©  2003  Hewlett-Packard  Development  Company,  L.P. 
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I  li/Lotus  plans  to  tie  it  all  together 

Company  to  use  Lotusphere  to  map  out  its  commitment  to  Domino,  Lotus  Workplace. 


Choices,  choices 

IBM/Lotus  Workplace  and  the  integration  of  Domino  and 
Java  Platform  2  Enterprise  Edition  give  Domino  users 
three  basic  options,  according  to  Meta  Group. 

Stick  with  Domino:  Companies  will  maximize  their  investment 
in  Domino  (software,  development,  training)  as  long  as  the  product 
is  supported,  which  Meta  predicts  will  be  through  the  end  of  this 
decade.  But  Meta  says  that  strategy  is  shortsighted  and  could 
paint  users  into  a  corner  if  not  integrated  with  Lotus  Workplace. 

Upgrade  to  the  WebSphere  platform:  Meta  believes  the  bulk  of 
Domino  users  will  end  up  here  and  will  operate  a  dual  infrastructure 
for  several  years  depending  on  how  well  IBM  supports  that 
configuration.  Caveats  include  converting  Domino  developers  to 
J2EE  and  whether  to  step  up  to  the  full  IBM  Portal  strategy. 

Move  Off  Domino:  Those  with  existing  commitments  to  competing 
portal  or  application  servers  or  who  have  adopted  Microsoft's 
.Net  might  stray  from  the  IBM/Lotus  fold.  Users  will  have  to 
figure  out  what  to  do  with  existing  Domino  apps,  how  to  replace 
rapid  application  development  tools  and  establish  a  business 
case  for  the  migration. 


SI  BY  JOHN  FONTANA 

iBM/Lotus  plans  to  play  a  game 
of  connect-the-dots  this  year  at  its 
annual  Lotusphere  conference  as 
it  juggles  commitments  to  its 
faithful  Domino  customers  along 
with  its  emerging  collection  of 
collaborative  components  that 
run  on  WebSphere. 

This  week’s  conference  in 
Orlando  will  be  more  Web- 
(Sphere)  than  Lotus(sphere), 
but  the  intent  is  to  give  end  users 
clear  road  maps  whether  they 
are  committed  to  Domino,  the 
new  Lotus  Workplace  collabora¬ 
tion  components  that  straddle 
the  Domino  and  WebSphere 
worlds,  or  full-portal  implemen¬ 
tations  using  WebSphere  and 
Java  Platform  2  Enterprise 
Edition  (J2EE). 

“The  power  will  be  in  the  clarity 
of  the  message  of  where  they  are 
and  where  they  are  going,”  says 
David  Marshak,  an  analyst  with 
Patricia  Seybold  Group.  He  says 
clarity  has  been  lacking  at 
Lotusphere  over  the  past  few 
years.  “Users  will  see  they  have  a 
path  forward  from  wherever  they 


are  today’ 

As  part  of  the  connect-the-dots 
game,  IBM/Lotus  plans  to  preview 
a  rapid  application  development 
tool  for  WebSphere  Studio,  similar 
to  the  Domino  Designer  tool,  but 


based  on  J2EE  and  simple 
enough  for  line-of-business  man¬ 
agers  to  assemble  components 
into  a  business  process.  Several 
Domino  Designer-like  RAD  fea¬ 
tures  showed  up  in  WebSphere 


Studio  5.1  last  August.  The  tool  is 
expected  to  ship  mid-2004. 

Lotus  will  show  its  Rich  Client 
Platform  (RCP),  a  browser-based 
client  that  includes  a  small  data¬ 
base  to  support  offline  use  of 
data.  The  Java  client,  developed 
on  the  open  source  Eclipse 
framework,  can  access  Domino 
through  portlets,  including  a  tech¬ 
nology  called  Reverse  Proxy 
Portlets  that  will  provide  access  to 
the  logic  and  user  interface  of 
applications  running  on  Domino. 
The  RCP  client  is  expected  to  be 
available  mid-year. 

Also  on  tap  is  Domino  6.51, 
which  will  align  Domino  and  the 
new  Workplace  components  on 
the  same  release  cycle  so  users 
can  more  easily  integrate  the 
technologies.  IBM/Lotus  also 
plans  to  introduce  a  software 
bundle  that  hints  at  a  replace¬ 
ment  for  Domino.  The  IBM 
Solution  for  On  Demand  Work¬ 
place  bundles  an  application  and 
portal  server,  and  collaboration 
and  content  management  com¬ 
ponents.  The  bundle  does  not 
include  Domino  Server,  relies  on 
J2EE  and  a  relational  database, 


and  looks  similar  to  the  mono¬ 
lithic  “stack”  of  services,  such  as 
security  and  collaboration,  con¬ 
tained  within  Domino.  It  is  slated 
to  be  available  before  April  1. 

Another  key  message  will  be 
directed  at  resellers  and  indepen¬ 
dent  software  developers.  IBM 
hopes  they  will  be  attracted  to  its 
Lotus  Workplace  and  WebSphere 
platform,  offer  integration  and 
support  services,  and  customized 
applications. 

Experts  say  the  message  is  a 
volley  from  IBM  in  its  war  with 
Microsoft  over  its  platform  for 
collaboration  and  Web  services. 

“ISVs  coming  away  from  Micro¬ 
soft’s  [Professional  Developers 
Conference]  may  have  been  ner¬ 
vous  that  Microsoft  was  not  leav¬ 
ing  enough  on  the  table  for  them 
with  Longhorn,  and  IBM  plans  to 
say  that  there  is  enough  on  its 
table  for  everyone  and  there  is  a 
lot  of  work  to  do,”  says  Dana 
Gardner,  an  analyst  with  The 
Yankee  Group. 

Gardner  says  IBM  is  clearly 
ahead  of  Microsoft  with  its  plans 
for  a  unified  data  model  using 
DB2,  its  client  strategy  and  plans 
for  phased  migrations.  Microsoft 
has  laid  out  an  infrastructure 
overhaul  with  its  operating  sys¬ 
tem,  which  isn’t  expected  to  ship 
until  2006. 

But  Gardner  warns  the  down¬ 
side  is  lots  of  complexity  that  will 
require  professional  services. 

“Clearly  this  will  be  a  real  transi¬ 
tional  Lotusphere,”  Gardner  says. 
“It  will  make  clear  the  road  map 
and  the  wholeidea  that  the  portal 
is  the  be-all  and  end-all.”  ■ 
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■  THIS  WEEK’S  QUESTION: 

Which  network 
company  was  started  up 
by  the  husband/wife 
team  of  Victor  and  Janie 
Tsao  in  1988? 


Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
2349  in  the  Search  box. 
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management  costs  at  Bank  of  America  as  a 
result  of  its  Linux  usage. 

“Our  goal  is  to  have  our  Linux  administrators 
manage  2.6  times  as  many  servers  as  our  Unix 
people,”  Golden  says.“We’re  getting  very  close 
to  achieving  that.” 

When  Northern  Trust,  a  Chicago  financial 
services  firm,  looked  at  Linux  two  years  ago, “a 
lot  of  the  software  that  was  important  to  us  at 
the  time  was  not  quite  ready  to  run  on  Linux,” 
says  Robert  Schwartz,  vice  president  of  world¬ 
wide  technology  for  the  company  “The  sec¬ 
ond  time  we  looked  at  Linux  [at  the  end  of 
2003], things  had  changed.” 

Schwartz  says  Northern  Trust  had  deployed 
Linux  on  its  mainframes  several  years  ago  as 
virtual  servers,  for  running  smaller  tasks.  But  a 
big  part  of  Northerns  decision  to  use  Linux 
was  BEA  Systems’  migration  of  its  Weblogic 
application  server  to  the  open  source  plat¬ 
form,  he  says.  In  addition  to  the  mainframes, 
the  firm  now  runs  80  applications  on  BEA  on 
Intel-based  Linux  servers.  But  the  goal  was  not 
cost  savings,  he  says. 

“Cheap  is  a  relative  term,”  Schwartz  says. 
Lower  acquisition  costs  promised  by  Linux 
vendors  is  largely  a  myth.  “Diversification  of 
hardware  and  software  platforms  was  more 
important  to  us,”  he  says.  Running  key  enter¬ 
prise  applications  on  commodity  hardware 
and  software  has  given  Northern  Trust  more 


flexibility  in  its  dealings  with  vendors. 

Another  message  Schwartz  gave  was  that 
large  organizations  must  pick  their  spots  when 
migrating  one  operating  system  to  Linux. 

“There  are  transition  costs  that,  while  I 
wouldn’t  say  took  us  by  surprise,  we  might  not 
have  had  a  full  appreciation  for]’ he  says. 

One  area  was  a  plan  to  migrate  file  and  print 
servers  from  Windows  to  Linux. 

“We  thought  that  migration  would  be  like 
falling  off  of  a  log,”  Schwartz  says.  “Then  we 
ran  into  issues  with  Active  Directory  integra¬ 
tion,  print-driver  issues.  In  the  end,  it  just 
didn’t  work  for  us.” 

On  the  show  floor,  vendors  made  security 
and  management  announcements  around 
Linux  that  address  some  of  the  concerns  of 
users  such  as  Bank  of  America’s  Golden  and 
Northern  Trust’s  Schwartz. 

IBM  and  SuSe  announced  they  had 
achieved  new  levels  of  security  and  opera¬ 
tions  certification  for  SuSe  Linux  running  on 
Big  Blue’s  hardware.  The  companies  an¬ 
nounced  that  SuSe  Linux  Enterprise  Server  8 
with  Service  Pack  3  running  on  IBM  Intel 
servers  achieved  Controlled  Access  Protec¬ 
tion  Profile  compliance  under  the  Common 
Criteria  for  Information  Security  Evaluation, 
commonly  referred  to  as  CAPP/EAL3+.  The 
companies  said  this  certification  level  will 
let  the  Linux  hardware/software  combina¬ 
tion  meet  the  strictest  government  standards 
for  security 

On  the  management  front,  Red  Hat  an¬ 


nounced  what  it  calls  a  Provisioning  Module 
for  its  Red  Hat  Network  patch  updating  ser- 
vice.The  software  will  let  Red  Hat  Linux  cus¬ 
tomers  manage  and  deploy  software  to  a 
large  network  of  Red  Hat  machines.The  soft¬ 
ware  could  help  users  automate  patch  man¬ 
agement,  operating  system  upgrades  and 
other  management  tasks,  the  company  says. 

With  security  on  the  minds  of  many  show- 
goers,  one  Linux  expert  at  LinuxWorld  said 
companies  need  to  incorporate  rigid  security 
auditing  and  management  procedures  if  they 
are  considering  Linux. 

“Getting  a  system  to  run  well  and  getting  it  to 
run  securely  takes  the  same  kind  of  attention,” 
says  Jay  Beale,  lead  developer  for  the  Bastille 
Linux  Project,  which  maintains  an  open 
source  security  auditing  and  lock-down  tool 
for  Linux  systems.’Auditing  a  Linux  system  de¬ 
ployment  and  making  sure  the  auditor  isn’t 
the  same  person  who  set  up  the  system  — 
those  kinds  of  things  are  necessary  to  ensure 
against  problems.” 

While  there  has  been  increased  publicity 
over  Linux  vulnerabilities  —  such  as  Linux- 
based  worms  and  attack  vulnerabilities 
in  the  Linux  kernel  —  it  doesn’t  mean 
Linux  has  become  more  dangerous  to  use, 
Beale  says. 

“Linux  isn’t  more  vulnerable  now  than  it 
was  before,”  he  says.“It’s  just  that  no  one  really 
started  paying  attention  to  Linux  security  until 
people  started  getting  hacked  . . .  It’s  just  a  mat¬ 
ter  of  being  more  vigilant  nowl’B 


Minimize  costs.  Maximize  utilization.  Virtualize  your  storaqe. 
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HP's  virtualization  solutions  simplify  storage  management  while  making  the  most  of  the  storage  you  already  have. 

Your  data  storage  needs  keep  expanding.  Your  budget  keeps  shrinking.  HP's  EVA3000  and  EVA5000  virtual  arrays  can  solve  both  problems.  They  let 
you  pool  your  storage,  so  it  can  be  instantly  assigned  wherever,  whenever  and  in  whatever  amount  it's  needed.  Efficiency  doesn't  come  at  the  expense 
of  complexity  either,  thanks  to  an  intuitive  Web  interface.  And  HP  is  the  only  company  that  offers  host,  network  and  array-based  virtualization  solutions. 
Lower  costs.  Higher  utilization  of  your  assets.  It's  a  virtual  no-brainer. 


HP  StorageWorks  EVA5000 

—  Modular  virtual  RAID  storage  for  effective 
SAN  data  administration  at  minimal  costs. 

—  Automated  array  management  removes 
boundaries  of  traditional  storage. 

-  Outstanding  self-tuning  performance  with 
scalable  capacity  on  demand. 

-  Highly  available  platform  offering  stability 
and  proactive  services. 
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Demand  more  efficiency.  Download  ZDNets  white  paper  "Doing  More  with  Less  with  HP  StorageWorks  EVA5000  or 
HP  StorageWorks  EVA3000"  atwww.hp.com/go/storage7  or  dial  1-800-282-6672,  option  5  and  mention  code  AKWF. 
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EbXML  fast  facts 


Origin:  Launched  in  September  1999 

Original  developing  organizations:  United  Nations  Centerfor 
Facilitation  of  Procedures  and  Practices,  Administration, 
Commerce  andTransport;  and  OASIS. 

What  it  is:  A  suite  of  specifications  designed  to  provide  an  open 
XML-based  infrastructure  that  lets  companies  exchange  electronic 
business  information  in  an  interoperable  and  secure  manner. 

Components:  XML  standards  for  business  processes;  core  data 
components;  collaboration  protocol  agreements;  messaging;  and 
registries  and  repositories. 

For  more  information:  www.ebxml.org 
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order  equipment  and  supplies. 
Separately,  analysts  say  General 
Motors  is  close  to  adopting 
ebXML  as  its  global  corporate  IT 
standard.  A  GM  spokesperson 
confirms  the  company  is  a  strong 
supporter  of  ebXML  and  says  it  is 
currently  finalizing  its  evaluation 
of  technologies  to  implement  the 
ebXML  standards  within  GM. 

“This  [Defense  Department 
effort]  is  definitely  a  big  move  for 
ebXML,”  says  Charles  Abrams, 
research  director  at  Gartner. 
“When  ebXML  was  proposed  in 
the  late  1990s,  many  of  us  thought 
it  would  have  made  more  inroads 
than  it  has  by  this  point.” 

Like  electronic  data  inter¬ 
change  (EDI),  ebXML  securely 
supports  a  variety  of  transactions, 
such  as  invoices,  purchase  orders 
and  receipts.  But  unlike  EDI, 
ebXML  is  designed  for  Web  envi¬ 
ronments  and  has  ties  to  Web  ser¬ 
vices  standards  such  as  the 
Simple  Object  Access  Protocol. 
EDI,  on  the  other  hand,  relies  on 
expensive,  proprietary  transport 
connections. 

Issues  that  have  held  back 
ebXML  include  its  unfinished 
nature  —  Gartner’s  Abrams  esti¬ 
mates  the  ebXML  specifications 
are  only  about  half-complete.  In 


addition,  a  lack  of  vendor  support 
for  ebXML  is  hindering  adoption. 

Defense  goes  on  ebXML  offense 

The  Defense  Department’s  offi¬ 
cial  adoption  of  ebXML  is  thus  far 
limited  to  EMALL,  which  is  pro¬ 
cessing  an  average  of  $3  million 
to  $4  million  in  sales  per  week, 
according  to  Debby  Roobol,  pro¬ 
gram  manager  for  EMALL  and 
chief  of  the  e-commerce  and 
standards  branch  of  the  Defense 
Logistics  Information  Service, 
which  operates  the  procurement 
portal. 

This  amount  represents  only  a 
fraction  of  the  estimated  $24  bil¬ 
lion  in  goods  that  the  Defense 
Logistics  Agency  buys  each  year 


from  more  than  20,000  suppliers. 
However,  EMALL  traffic  is  growing 
rapidly  The  procurement  portal  is 
expected  to  process  about 
475,000  transactions  in  fiscal 
2004,  up  from  360,000  transac¬ 
tions  in  fiscal  2003,  Roobol  says. 

In  addition,  analysts  expect  the 
Defense  Department’s  endorse¬ 
ment  of  ebXML  will  have  a  trick¬ 
le-down  effect.  For  example,  sup¬ 
pliers  that  want  to  do  business 
with  the  department  might  be 
pressured  to  adopt  ebXML,  for 
example. 

“The  [Defense  Department]  is 
signaling  to  its  suppliers  that 
ebXML  is  the  next  iteration  of 
integration  technology  it’s  going 
to  use  in  procurement  and  sourc¬ 


ing,”  says  Scott  Lundstrom.CTO  at 
AMR  Research. 

The  Defense  Department  has 
stopped  short  of  requiring  its  sup¬ 
pliers  to  support  ebXML,  but  will 
encourage  them  to  do  so,  says 
Don  Brown,  president  of  PartNet, 
a  software  vendor  and  govern¬ 
ment  contractor  that  maintains  a 
catalog  of  products  available  on 
EMALL  from  internal  Defense 
Department  sources  and  vendor- 
direct  sources. 

GM  says  it  is  not  currently  con¬ 
templating  any  mandates  to  its 
dealers  that  they  use  ebXML.  But 
the  automobile  manufacturer  has 
been  working  with  ebXML  and 
has  created  a  reference  imple¬ 
mentation  of  ebXML  covering 
certain  business  interactions 
between  GM  and  its  retail  dealer 
networks. 

“GM  will  probably  mandate 
something  but  how  much  will  be 
ebXML,  how  much  will  be  Web 
services  and  how  much  will  be 
UDEF”  is  unknown,  says  Jason 
Bloomberg,  a  senior  analyst  at 
consultancy  ZapThink.  (Universal 
Data  Element  Framework  [UDEF] 
describes  an  effort  to  tackle  the 
lack  of  interoperability  among 
e-business  standards.) 

Part  of  the  appeal  of  ebXML  is 
that  it  makes  doing  business  with 
a  partner  electronically  for  the 
first  time  a  lot  easier  than  with 
EDI,  AMR’s  Lundstrom  says.  “In 
legacy  EDI,  there  is  a  fairly  labor- 
intensive  one-time  start-up  pro¬ 
cess  when  you  add  a  new  suppli¬ 
er  or  customer]’  he  says. 

That  goes  away  with  ebXML, 
thanks  to  its  XML  base.’A  lot  of  the 
complexities  around  how  to  inte¬ 
grate  messaging  from  one  system 
to  another  happens  on  an  auto¬ 
mated  basis  because  of  the  self- 
descriptive  nature  of  XML,” 
Lundstrom  says. 

For  this  reason,  companies  that 
have  dynamic  environments, 
where  the  composition  of  their 
suppliers  and  customer  groups 
changes  on  a  regular  basis,  are 
going  to  find  ebXML  attractive, 
Lundstrom  says. 

Nonetheless,  ebXML  isn’t  ex¬ 
pected  to  replace  EDI  any  time 
soon. 

“EbXML  would  need  a  lot  more 
adoption,  a  lot  more  time  spent 
with  the  standards,  in  terms  of 
defining  transactions,  to  match 
what  has  happened  with  EDI,” 
Gartner’s  Abrams  says. 

Fighting  back  from  obscurity 

EbXML  adoption  suffered  a 
blow  when  retail  giant  Wal-Mart 
conspicuously  didn’t  choose  the 
specification  for  its  migration 
from  private  networks  to  Internet- 


based  systems  of  trade.  Notably 
Wal-Mart  put  its  weight  behind 
AS2,a  draft  specification  from  the 
Internet  Engineering  Task  Force 
for  securely  exchanging  EDI  over 
the  Internet  using  HTTP 

Wal-Mart  issued  a  mandate  in 
the  fall  of  2002  requiring  that  all 
of  its  suppliers  exchange  EDI  data 
with  it  via  the  Web  and  AS2-com- 
patible  technology,  rather  than 
using  value-added  networks,  by 
the  fall  of  2003. 

In  shifting  its  supply  chain  to 
Internet-based  EDI,  “Wal-Mart 
took  a  little  bite  of  the  apple 
instead  of  a  big  bite,”  says  David 
Webber,  an  independent  consul¬ 
tant  who  chairs  the  Organization 
for  the  Advancement  of  Struc¬ 
tured  Information  Standards’ 
(OASIS)  Content  Assembly  for 
ebXML  technical  committee. 
“Now  all  they  are  doing  is  send¬ 
ing  EDI  messages  over  the  Inter¬ 
net.  The  big  bite  is  in  going  to 
full-blown  XML  messaging  over 
the  Internet,  and  that’s  ebXML.” 

Webber  says  he  expects  Wal- 
Mart  eventually  will  take  the  next 
step  to  ebXML  —  perhaps  in  as 
soon  as  two  years. 

While  ebXML  adoption  has  lan¬ 
guished  so  far  in  the  U.S.,  it  has 
had  more  success  in  Europe  and 
in  Asia.  Government  organiza¬ 
tions,  too,  have  been  drawn  to  it. 

Ongoing  efforts  to  merge 
ebXML  and  Web  services  efforts 
might  help  spur  adoption  in  the 
U.S.,  analysts  say 

EbXML  developers  are  cooper¬ 
ating  with  Web  services  stan¬ 
dards  committees  in  OASIS, 
Abrams  says.  An  OASIS  initiative 
uses  some  ebXML  work  to  devel¬ 
op  Web  Services  Reliable 
Messaging,  for  example.  Over  the 
next  several  years,  ebXML  will 
incorporate  Or  be  designed  to 
work  with  elements  of  the  Web 
services  standards  stack,  Abrams 
says. 

But  more  cooperation  is 
needed  —  which  the  Defense 
Department  endorsement 
could  spur.  “This  win  may  point 
to  further  cooperation  between 
the  Web  services  standards  and 
the  ebXML  committee,”  Abrams 
says. 

In  addition,  for  ebXML  to  really 
take  off  it  must  be  widely  sup¬ 
ported  in  applications  from  major 
ERP  and  supply  chain  vendors, 
which  so  far  is  not  the  case, 
Lundstrom  says. 

Senior  Editor  John  Fontana  con¬ 
tributed  to  this  story. 
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A0L  tests  anti-spam  technology 


■  BY  PAUL  ROBERTS 

Deluged  by  spam,  AOL  is  trying  a  new  technology 
for  cracking  down  on  a  common  spammer  tool: 
forged  sender  addresses  used  to  bypass  blacklists 
and  trick  unsuspecting  recipients. 

AOL  is  conducting  a  trial  of  an  e-mail  protocol 
called  Sender  Permitted  From  (SPF)  across  its  entire 
user  base  of  33  million  subscribers.  The  company 
says  it  hopes  SPF  will  eliminate  e-mail  address  spoof¬ 
ing  by  modifying  the  DNS  to  declare  which  servers 
can  send  mail  from  a  particular  Internet  domain. 
AOL  is  using  SPF  to  publish  the  IP  addresses  of  the 
servers  it  uses  to  send  outgoing  email. 

Once  widely  deployed,  SPF  records  can  be  refer¬ 
enced  by  Mail  Transfer  Agents  stationed  throughout 
the  Internet  when  routing  email  messages  from  a 
particular  domain  to  determine  whether  an  email 
message’s  source  is  legitimate  or  spoofed,  says  AOL 
spokesman  Nicholas  Graham. 

AOL  briefly  tested  the  protocol  two  weeks  ago 
before  shutting  it  off  to  make  technical  changes 
based  on  feedback  from  other  ISPs,  Graham  says.  He 
declined  to  describe  the  changes.  The  program  is 
experimental  and  for  the  time  being  AOL  will  not 
use  SPF  to  filter  mail  from  other  Internet  domains. 

The  trial  is  a  major  test  of  SPF  which  is  one  of  a 
number  of  new  technologies  designed  to  thwart 
spammers,  says  John  Levine,  co-chairman  of  the 
Anti-Spam  Research  Group. 


SPF  patches  a  hole  in  Simple  Mail  Transfer  Protocol 
(SMTP).  Developed  in  the  early  1980s,  SMTP  was 
designed  to  provide  a  reliable  and  efficient  way  to 
relay  messages  between  host  systems  using  different 
computer  hardware  and  operating  systems. 

In  recent  years,  spammers  and  viruses  such  as 
SoBig-F  and  the  recent  Beagle/Bagel  worm  have 
exploited  SMTP’s  flexibility  easily  transposing  the 
source  of  messages  with  legitimate  e-mail  addresses 
from  lists  that  are  traded  online  or  harvested  from 
infected  computers’  hard  drives. 

The  long-term  benefit  of  SPF  is  that,  when  the  tech¬ 
nology  is  widely  deployed,  e-mail  providers  will  be 
able  to  associate  reputations  with  Internet  domains 
rather  than  with  IP  addresses,  which  are  harder  to 
track,  said  Eric  Raymond,  president  of  the  Open 
Source  Initiative,  who  gave  a  presentation  about  SPF 
during  January’s  Spam  Conference  2004  at  the 
Massachusetts  Institute  of  Technology  in  Cambridge. 

SPF  will  not  stop  spam,  but  it  will  help  other  anti¬ 
spam  technologies  —  such  as  spam  traps  —  by 
enabling  spam  to  be  tracked  to  specific  domains 
and  force  spammers  to  move  to  new  domains  more 
frequently,  Raymond  said. 

The  protocol  still  has  problems,  such  as  incompat¬ 
ibility  with  some  e-mail  forwarding  services  and  Web 
sites  that  use  mail-forwarding  features,  Levine  says. 

Roberts  is  a  correspondent  with  IDG  News  Service's 
Boston  bureau. 
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IBM,  partners  push  new  Web  services 

New  proposed  specifications  set  up  to  support  asynchronous  messaging. 


■  BY  JOHN  FONTANA 

IBM  and  its  partners  last  week  introduced 
three  specifications  designed  to  support  an 
event  notification  infrastructure  for  Web 
services  that  can  be  integrated  with  grid 
computing  and  systems  management. 

IBM  —  along  with  Akamai  Technologies, 
The  Globus  Alliance,  HPSARSonic  Software 
and  Tibco  Software  —  introduced  WS- 
Notification  and  the  WS-Resource  Frame¬ 
work,  which  includes  the  WS-Resource 
Properties  and  WS-Resource  Lifetime 
specifications. 

The  specifications  are  designed  to  sup¬ 
port  asynchronous  messaging  for  use 
among  business  applications.  For  example, 
an  inventory  system  can  indicate  that 
inventory  is  running  low  and  publish  that 
event  out  to  the  network.  Other  business 
applications,  say  those  run  by  suppliers, 
could  subscribe  to  that  event  and  use  the 
information  to  return  bids  to  replenish  in¬ 
ventory.  The  publish/subscribe  method 


Correction 


■  The  story  "NetScaler  beefs  up  Web 
t  switch"  (Jan.  19,  page  17),  misidentified 
NetScaler  as  NetGear  in  the  fourth 
paragraph. 


could  be  used  to  increase  the  efficiency 
and  management  of  so-called  asynchro¬ 
nous,  or  stateful,  business  processes. 

IBM  says  the  specifications  will  support 
just-in-time  procurement  with  multiple  sup¬ 
pliers,  systems  outage  detection  and  recov¬ 
ery  and  grid-based  workload  balancing. 

WS-Notification  is  similar  to  a  specifica¬ 
tion  that  BEA  Systems,  Microsoft  and  Tibco 
released  earlier  this  month  called  WS- 
Eventing,  which  laid  out  a  similar  pub¬ 
lish/subscribe  model.  WS-Eventing  has  yet 
to  go  before  a  standards  body  for  review. 

IBM  and  Microsoft  have  collaborated  on 
Web  services  specifications  for  the  past 
two  years  as  part  of  a  road  map  they 
unveiled  in  early  2002. The  road  map  calls 
for  a  set  of  protocols  —  including  WS- 
Security  and  WS-Policy  —  that  can  be 
assembled  into  an  infrastructure  to  sup¬ 
port  the  secure  execution  of  Web  services 
as  part  of  electronic  business  transactions. 

However,  with  the  publish/subscribe 
specifications,  the  two  companies  have 
offered  competing  efforts  that  experts  say 
are  likely  to  converge  down  the  road. 

“What  you  have  is  competing  specifica¬ 
tions  where  one  is  simpler  and  one  more 
complex,  just  like  we  have  with  the  reli¬ 
able  messaging  specifications,”  says  Jason 
Bloomberg,  an  analyst  with  ZapThink. 
“WS-Eventing  is  a  simpler  way  to  handle 
asynchronous  communication.  WS-Notifi¬ 
cation  has  more  features  but  is  more  com¬ 


plex.  But  in  the  end,  we  expect  them  to 
come  together’’ 

Bloomberg  says  asynchronous  commu¬ 
nication  is  essential  for  building  a  service- 
oriented  architecture  because  business 
transactions  are  long-running  processes. 

One  way  that  WS-Notification  differs  from 
WS-Eventing  is  that  it  addresses  scalability 
with  a  method  for  integrating  the  specifi¬ 
cation  with  message-oriented  middleware, 
an  area  of  expertise  for  IBM. 

Company  officials  say  they  developed 
their  specification  with  three  goals  in 
mind. “We  needed  business  applications  to 
have  this  pub/sub  model,”  says  Karla 
Norsworthy  director  of  dynamic  e-business 
technologies  for  IBM.  In  addition,  she  says, 
IBM  saw  a  need  for  a  notification  infra¬ 
structure  for  systems  management  and 
wanted  to  provide  a  foundation  for  the 
Open  Grid  Services  Architecture, so  grid  in¬ 
frastructure  and  applications  could  be 
built  using  Web  services. 

“Our  requirements  were  different  from 
the  existing  specification  [WS-Eventing],” 
Norsworthy  says.  One  of  her  goals  now  is  to 
ensure  WS-Notification  and  WS-Eventing 
work  together. 

IBM  and  its  partners  plan  to  turn  their 
work  over  to  a  standards  body  probably 
within  the  next  few  months,  she  says,  with¬ 
out  specifying  which  standards  body 
would  receive  the  specification.The  choice 
would  factor  in  groups  such  as  the  Dis¬ 


tributed  Management  Task  Force,  the 
Global  Grid  Forum,  and  XML-focused  bod¬ 
ies  such  as  the  Organization  for  the  Ad¬ 
vancement  of  Structured  Information 
Standards  and  the  World  Wide  Web 
Consortium. 

In  addition  to  the  publish/subscribe 
model  of  WS-Notification,  WS-Resource 
Properties  will  describe  how  to  use  XML  to 
describe  and  change  properties  that  are 
important  to  a  network  resource. 

It  will  allow  applications  that  can  read 
and  update  data  associated  with 
resources,  such  as  contracts,  servers  or  pur¬ 
chase  orders. 

WS-Resource  Lifetime  lets  users  define 
the  length  of  time  those  resource  defini¬ 
tions  are  valid.  ■ 
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Pornography 

continued  from  page  1 

city  with  young  people  sitting 
side-by-side  at  tables  separated 
by  desk-mounted  screens. 
Instead,  these  folks  are  at  work 
categorizing  Web  sites  for 
Internet  filtering  firm  Websense. 

VVebsense  is  nestled  among  the 
other  high-tech  and  biotech 
firms  that  surround  the  vast,  hill¬ 
top  campus  of  the  University  of 
California,  San  Diego.  Each  day 
the  company’s  24  analysts  sit  in  a 
room  at  the  back  of  the  Web¬ 
sense  building  trawling  through 
Web  sites  to  update  a  database 
of  more  than  5  million  sites  that 
are  classified  into  80-plus  cate¬ 
gories.  Customers  receive  the 
updated  list  every  night  and  use 
it  to  either  block  employee- 
access  to  specific  sites  or  to 
monitor  whether  those  URLs 
show  up  in  their  logs. 


“My  friends  think  it’s  funny  I  get 
paid  to  look  at  porn  sites,”  says 
Alex  Hirsch.who  has  been  work¬ 
ing  as  an  analyst  for  six  months. 
“1  like  my  job  because  1  get  to 
use  my  languages  —  German, 
French  and  Italian” she  says. 

Most  of  the  analysts  are  over¬ 
seas  students  at  the  university 
They  work  a  20-hour  week  at 
Websense,  which  keeps  its  facili¬ 
ties  open  24-7  so  that  the  stu¬ 
dents  can  work  a  flexible  sched- 
ule.Together,the  analysts  are  flu¬ 
ent  in  24  different  languages, 
which  enables  them  to  post  — 
classify  sites  according  to  lan¬ 
guage  and  category  —  in  52  lan¬ 
guages  because  they  can  classify 
a  Web  site  that’s  written  in  an 
unfamiliar  language  by  just  look¬ 
ing  at  the  content.The  company 
also  will  hire  contractors  if  its 
employees  come  across  a  load 
of  sites  in  a  language  that  no 
one  understands. 


But  Patrick  Swisher,  director  of 
database  operations,  says  having 
a  workforce  with  different  cul¬ 
tural  backgrounds  is  important 
so  that  proper  judgment  is  used 
when  categorizing  certain  sites. 
For  example,  according  to  Web¬ 
sense,  legitimate  business  firms 
in  Korea  routinely  use  sex  to  lure 
visitors  to  their  sites,  which 
means  they  shouldn’t  be  catego¬ 
rized  under  pornography 

Some  porn  sites  are  disturbing 
compared  with  some  of  the 
other  stuff  the  analysts  have  to 
view  and  categorize.  Olga 
Bernasorskaya,  a  marketing  and 
public  relations  student  at  the 
university  who  speaks  several 
Eastern  European  languages,  has 
worked  at  Websense  for  the  past 
two  years.  She  spent  two  months 
on  a  project  researching  child 
pornography  sites.“I  said  to  my¬ 
self  this  was  just  work,  but  yes,  it 
was  disturbing,”  she  says.“If  I  saw 
a  naked  child,  I  would  classify  it 
straight  away  I  looked  at  a  kid  on 
one  site  and  I  knew  it  was  a 
Russian  kid  —  it  was  very  sad.” 
She  says  it  felt  good  to  work  on 
the  project  because  she  helped 
to  identify  500  pedophile  sites 
that  Websense  customers  can 
block. 

Swisher  says  the  analysts  take 
their  work  in  stride  and  that  only 
two  employees  have  said  they 
felt  uncomfortable.“Once  you’ve 
seen  20,000  pairs  of  breasts, 
another  pair  is  ‘So  what,’  ”  he 
says,  adding  that  the  sites  to  be 
classified  are  spread  evenly 
among  the  analysts  and  that  it  is 
not  possible  to  reduce  the  num¬ 
ber  of  offensive  material  an  ana¬ 
lyst  might  have  to  view. 

“Yes,  there  are  some  goofy  sites 
out  there.  In  our  pre-screening 
phone  calls  [with  prospective 
employees]  we  tell  them  the  job 
will  be  viewing  anything  on  the 
’Net  and  ask  whether  they  would 
be  comfortable  with  that,”  he 
says.  Employees  are  asked  to 
sign  a  release  form  cautioning 
them  that  they  will  be  viewing 
some  offensive  sites,  and  visitors 
and  staff  are  greeted  with  a  large 
warning  sign  on  the  door  to  the 
room  where  the  analysts  work. 

Each  day  the  analysts  catego- 
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rize  between  3,000  and  5,000 
URLs  that  were  either  sent  by 
customers  or  found  using  Web- 
sense’s  automated  search  facili- 
ties.The  first  sites  that  get  catego¬ 
rized  are  those  likely  to  fall  with¬ 
in  Websense ’s  “obscenities”  list. 
The  list,  which  was  previously 
called  the  Sinful  Six  until  Web¬ 
sense  acknowledged  that  one 
cultures  sin  might  not  be  regard¬ 
ed  as  sinful  in  another,  includes 
adult  content,  weapons,  race/ 
hatred,  illegal  drugs,  violence 
and  tasteless. 

There  are  also  two  other  types 
of  URLs:  Premium  groups  (in¬ 
stant  messaging,  online  day  trad¬ 
ing,  paid  to  surf,  streaming 
media, spyware)  and  sites  most 
frequented.The  analysts  are 
assigned  sites  to  classify  accord¬ 
ing  to  the  languages  they  speak 
and  the  priority  order  of  obscen¬ 
ities,  premium  groups  and  most 
visited.The  analysts  classify  the 
sites  under  one  of  more  than  80 
categories,  including  advocacy 
groups,  education,  and 
news/media. 

It’s  very  hard  for  some  visitors 
to  the  database  room  not  to  feel 
uncomfortable  seeing  these 
young  people  view  some  very 
graphic  material.  One  employee 
says  he  focuses  his  gaze  straight 
ahead  when  he  walks  through 
the  area.  But  Websense  tries  to 
make  the  room  feel  comforting; 
on  one  side  of  the  wall  an  artist 
has  painted  a  mural  of  famous 
world  sights,  including  London’s 
Big  Ben,  the  Golden  Gate  Bridge 
and  Sydney  Opera  House. 

The  analysts  take  great  pride  in 
their  work,  which  requires 
patience  and  focus.  Analyst 
Hirsch  says  she  enjoys  unearth¬ 
ing  sites  that  try  to  hide  the  true 
nature  of  their  content.“You  see 
a  beach  scene  so  it  could  be  a 
travel  site,  but  you  go  further  and 
you  see  it’s  clearly  a  porn  site. 
They  hide  it  because  they  don’t 
want  to  be  noticed  by  compa¬ 
nies  like  us,”  she  says. 

But  Websense  wants  people  to 
know  that  it  is  merely  the  mes¬ 
senger  when  it  comes  to  its  cus¬ 
tomers’ Web  access  rules.Tim 
Lan,a  database  services  repre¬ 
sentative  has  to  sift  through  piles 
of,  at  times  abusive,  e-mails  from 
people  who  tried  to  access  a 
juicy  site  but  instead  were  met 
with  an  all-white  access-denied 
box,  complete  with  Websense’s 
logo.“We  tell  them  it’s  their  com¬ 
pany’s  policy  that  they  can’t 
access  that  site,  and  that  they 
should  see  their  network 
admins,”  he  says.B 
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Wily  pushes  portal 
management 

■  BY  DENISE  DUBIE 

Companies  deploying  enterprise  portals  now  need  a  way  to  manage 
them.  At  least  that’s  what  Wily  Technology  is  betting  with  this  week’s 
release  of  software  to  monitor  performance  across  the  multiple  appli¬ 
cations  that  portals  unite. 

Wily  Portal  Manager  builds  on  the  company’s  Java  2  Platform  Enter¬ 
prise  Edition  (J2EE)  application  performance  management  software 
by  letting  companies  track  the  performance  of  multiple  applications 
and  how  they  respond  in  the  portal  environment.  Pbrtal  Manager  will 
work  exclusively  with  IBM  WebSphere  Portal  5.0,  but  Wily  says  it  plans 
to  expand  its  support  for  other  application  platform  suites. 

Based  on  industry  surveys,  demand  for  portals  is  on  the  rise.  Thirty- 
two  percent  of  respondents  to  a  recent  Merrill  Lynch  survey  of  50  IT  ex¬ 
ecutives  said  corporate  portals  top  their  spending  priorities  this  year. 
Separately  Meta  Group  estimates  that  by  2007  about  35%  of  companies 
will  treat  portals  as  core  systems,  up  from  less  than  10%  last  year.  Up¬ 
dated  portals  from  BEA  Systems  and  IBM  should  help  to  spur  deploy¬ 
ment.  These  efforts  should  boost  demand  for  management  tools, 
observers  say 

“Management  concerns  start  seriously  cropping  up  only  after  people 
are  using  a  new  technology’ says  Jasmine  Noel,  a  partner  at  Ptak,  Noel 
&  Associates.  “Early  [portal  software]  users  have  put  it  in  production 
and  are  beginning  to  realize  that  it  is  a  black  box  when  it  comes  to 
monitoring  performance  or  debugging  problems.” 

Rather  than  just  reporting  on  how  the  portal  performs,  Wily  says  its 
product  can  provide  a  view  into  the  performance  of  front-end  portal 
applications,  or  portlets  —  and  the  systems  connected  to  the  portlets 
on  the  back  end. 

Pbrtal  Manager,  which  costs  about  $3,000  per  CPU,  is  installed  on  the 
same  server  as  IBM  WebSphere  Portal  and  discovers  the  portal  envi¬ 
ronment  upon  start-up. Software  agents  and  probes  are  distributed  and 
installed  in  Java  virtual  machines  and  applications,  respectively  The 
agents  watch  portal  applications,  discover  which  components  are 
being  used  and  collect  data  on  the  components’  performance. 

.As  part  of  the  package  Wily  offers  the  Enterprise  Manager  console, 
which  typically  sits  on  a  dedicated  server  and  is  used  to  centrally  man¬ 
age  the  portal-based  applications  overseen  by  Portal  Manager.The  con¬ 
sole  software  features  a  Web-based  interface  from  which  data  can  be 
analyzed  and  reports  can  be  viewed  ■ 
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Only  Avocent  gives  you  complete  Click  and  Connect™ 
control  of  your  data  center  —  all  from  a  single  screen 


Now  you  can  see  what’s  really 
happening  in  your  data  center. 
Avocent’s  DS  Series  lets  you 
access,  maintain  and  troubleshoot 
all  your  servers  and  serial  devices 
over  IP  -  no  matter  where  you  are, 
even  over  a  browser.  Authenticate 
once  and  control  it  all. 


Download  your  free  whitepaper, 
Remote  Data  Center  Control  to  see 
how  you  can  gain  BIOS-level  server 
control,  centralized  authentication 
and  integrated  power  management 
of  your  entire  data  center. 

www.avocent.com/reality8 


Get  real,  get  the  best  KVM  over 
IP  solution  available  today.  The 
Avocent  DS  Series. 

Avocent 

The  Power  of  Being  There, 


Avocent,  the  Avocent  logo.  DSView.  Click  and  Connect  and  The  Power  of  Being  There  are  trademarks  or  registered  trademarks  of  Avocent  Corporation.  Copyright  ©  2003  Avocent  Corporation 


WARE 


THE  POWER  TO  Create,  Confirm,  Control 

Software  and  services  from  Compuware  help  create  applications  that  move  into  action  faster. 
Solutions  for  development,  quality  assurance  and  operations  let  you  confirm  efficient 
deployment  and  ongoing  availability  with  confidence.  Achieve  control  over 
application  performance  and  exceed  the 
quality  your  end  users  demand — now. 


COMPUWARE 

www.compuware.com 
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INFORMATION 
LIFECYCLE 
MANAGEMENT  IS: 

a  strategy  that  uses 
people,  processes  and 
technology  to  store  and 
tap  critical  business 
data  throughout  its 
lifespan  of  value. 


IN  THIS  EDITION: 

See  how  companies  are 
evolving  from  the  tradi¬ 
tional  notion  of  disas¬ 
ter  recovery  as  part  of 
a  discrete  storage  and 
business  continuity 
operation  to  a  more 
holistic  view  of  infor¬ 
mation  protection  and 
recovery  that’s  rooted 
in  business  value. 


Information  Protection  Isn’t  About 
Cost;  It’s  About  Business  Value 


IT  SEEMS  EVERY  DAY  we  wake  up  to 
a  new  challenge  to  our  organization. 
Like  never  before,  the  engines  of  glob¬ 
al  economic  prosperity — people,  capi¬ 
tal,  infrastructure  and  information — 
need  to  be  managed  for  resiliency  in  the 
face  of  uncertain  yet  pervasive  risks. 

Information  Lifecycle  Management 
addresses  the  critical  concern  of  how 
best  to  protect  information  vital  to 
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commerce  and  public  safety.  The  end 
goal  is  an  information  infrastructure 
that  ensures  the  availability  of  critical 
information  anytime,  anywhere  across 
the  globe.  Achieving  this  goal  requires 
new  thinking,  technologies  and  manage¬ 
ment  expertise  needed  to  balance  trade¬ 
offs  in  cost,  risk  and  business  value. 

The  challenge  is  to  move  toward 
this  goal  aggressively  while  operating 
within  real-life  budgetary,  process  and 
technological  constraints.  Information 
Lifecycle  Management  helps  you  do 
that  by  aligning  the  various  classes  of 
critical  applications  and  data  across 
your  enterprise  to  the  appropriate  level 
of  protection  and  availability. 

According  to  Nancy  Marrone- 
Hurley,  a  senior  analyst  at  Enterprise 
Storage  Group,  a  research  company  in 
Milford,  Mass.,  applying  Information 
Lifecycle  Management  practices  to 
information  protection  and  recovery 
can  make  a  significant  difference. 
“Data  availability  is  one  thing,  and 
long-term  lifecycle  management  is 
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INFORMATION  PROTECTION:  WHY  NOW? 

•  NEW  REGULATORY  DRIVERS 

Sarbanes-Oxley,  HIPAA,  Basel  II,  InterAgency  White  Paper 

•  HIGHER  MARKETPLACE  EXPECTATIONS 

Traditional  Disaster  Recovery  which  relies  on  moving  tapes  from  a 
backup  site  to  a  hot  site  provides  a  24  to  72  hour  recovery  timeframe. 
Many,  if  not  most,  customers  won't  wait  that  long  before  switching  to 
a  competitor’s  product  or  service. 

•  BETTER  OPTIONS,  LOWER  EFFECTIVE  COST 

Hardware  and  telecommunications  costs  continue  to  decline  while 
new  availability  options  such  as  backup  and  replication  using  ATA 
storage  technologies  increase. 


another,”  she  says.  “The  latter  helps  you 
know  where  information  is,  how  to  ensure 
that  it’s  where  it’s  supposed  to  be  and  is 
readily  accessible.  Information  Lifecycle 
Management  helps  you  prove  the  integrity 
of  the  data  as  well.” 

Marrone-Hurley  and  other  experts  cite 
a  number  of  issues  that  make  a  lifecycle 
approach  to  data  protection  attractive. 
The  first  is  the  complexity  that  governs 
information  management.  Not  only  is 
information  growing  at  an  exponential 
rate,  but  it’s  becoming  increasingly  difficult 
to  detangle  applications  as  they  draw 
information  from  each  other.  “When  com¬ 
panies  had  a  fairly  siloed  approach  to 
applications,  there  were  well-defined 
boundaries,”  says  Colin  Rankine,  vice 
president  in  the  computing  infrastructure 
group  at  Forrester  Research  in  Cambridge, 
Mass.  “But  as  companies  migrate  to  a  dis¬ 
tributed  application  architecture,  applica¬ 
tions  have  become  interdependent.” 

The  issue  of  regulatory  compliance  is 
also  increasingly  high-profile.  HIPAA, 
Sarbanes-Oxley  and  Basell  II  are  just  a  few 
of  the  most  visible  new  regulations  that 
mandate  the  way  that  many  companies 
manage  and  protect  corporate  data.  With 
the  advent  of  this  new  regulatory  environ¬ 
ment,  companies  must  protect  information 
longer  and  have  the  ability  to  recover  faster. 
Moreover,  they  must  protect  the  right 


“When 
companies 
had  a  fairly 
siloed 

approach  to 
applications, 
there  were 
well-defined 
boundaries.” 

— Colin  Rankine, 
vice  president  in 
the  computing 
infrastructure 
group,  Forrester 
Research 


data — and  know  when  it’s  time  to  delete 
information  that’s  outlived  its  function.  “It’s 
becoming  more  of  an  issue,  and  will  likely 
continue  as  more  regulations  appear  over 
the  next  couple  of  years,”  says  Rankine. 

Many  experts  recommend  the  follow¬ 
ing  steps  to  success  for  information  avail¬ 
ability  and  protection: 

LEAD  WITH  BUSINESS  REQUIREMENTS 

Many  CIOs  will  conduct  a  business  impact 
study,  which  requires  conversations  with 
line  of  business  (LOB)  peers  to  get  at  the 
true  business  value  of  each  application.  To 
say  it’s  a  ticklish  undertaking  is  to  state  the 
case  lightly,  says  Marrone-Hurley.  “It’s  very 
political,”  she  says.  “Nobody  in  the  organi¬ 
zation  is  going  to  think  that  their  business 
data  is  less  important  than  others’.” 

That’s  why,  companies  frequently  call 
in  outside  assessment  teams  to  help  con¬ 
duct  the  classification  study,  particularly 
in  industries  where  regulatory  compli¬ 
ance  is  an  issue.  “It  takes  a  lot  of  disci¬ 
pline,  and  outside  experts  can  provide 
some  very  helpful  objectivity,”  says 
Gregg  Therkalsen,  vice  president  of  busi¬ 
ness  continuity  solutions  at  EMC. 

Once  CIOs  have  an  idea  of  the  value  of 
each  application,  they  must  formally  classi¬ 
fy  them.  Therkalsen  advises  that  IT  execu¬ 
tives  use  at  least  three  different  categories 
of  service-level  importance: 

•  Mission-critical — This  includes  applica¬ 
tions  that  will,  if  interrupted,  result  in 
severe  financial,  regulatory  or  safety  issues 
for  the  company.  “We’re  talking  about  sys¬ 
tems  that  are  so  vital  that  if  they  are  taken 
down,  they’ll  severely  disrupt  the  company 
and  potentially  broad  sections  of  our  econ¬ 
omy,”  says  Therkalsen.  Recovery  time  for 
these  applications  will  be  in  seconds,  min¬ 
utes  or  several  hours. 

•  Essential — Therkalsen  classifies  most  sup¬ 
porting  business  systems,  such  as  financial 
analysis  applications,  in  this  category.  These 
systems  must  not  be  down  more  than  a  day. 

•  Deferrable — This  includes  applications 
that  contain  data  that  is  used  periodically, 
such  as  market  analyses.  These  applications 
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Forty-two  percent  of  US  IT  executives  are  willing  to  accept  data  loss  in  order  to  increase  distances 
to  their  secondary  sites.  European  IT  executives  are  less  likely  to  make  this  trade-off. 


“Business 
value  isn’t 
always 
related  to 
monetary 
value.” 

— Nancy  Marrone- 
Hurley,  senior 
analyst,  Enterprise 
Storage  Group 


are  looking  at  a  recovery  time  of  24  hours 
or  longer. 

Marrone-Hurley  points  out  that  busi¬ 
ness  value  isn’t  always  related  to  monetary 
value.  Certain  kinds  of  data,  for  example, 
must  be  stored  according  to  levels  of  avail¬ 
ability  and  integrity  mandated  by  regulato¬ 
ry  compliance,  and  availability  service  lev¬ 
els  must  reflect  this. 

DESIGN  FOR  SUCCESS 

Armed  with  a  clear  agreement  on  the  critical 
classes  of  applications  and  data,  the  work  of 
designing  solutions  begins.  There  are  five 
key  design  principles  for  building  a  resilient, 
highly  available  information  infrastructure: 

Replication.  Information  is  typically 
backed  up  so  that  companies  can  recover 


from  operational  failures  and  major  busi¬ 
ness  disruptions  as  well  as  archive  data  in 
accordance  with  business  and  regulatory 
requirements.  These  requirements  are  con¬ 
verging  and  should  be  viewed  as  one  enter¬ 
prise-level  business  requirement. 


Geographic  Distance.  Consolidating 
information  processing  into  one  center 
can  save  money,  but  it  also  creates  vulner¬ 
ability  to  a  single  risk  event.  Systems  need 
to  be  designed  for  both  economies  of  scale 
and  distribution  of  information  across 
suitable  distances. 

Consistency.  Data  and  applications  are 
often  backed  up  at  different  times  of  day  or 
week,  making  it  nearly  impossible  to 
“restart”  the  enterprise  at  a  single  point  in 
time.  Backup  and  replication  to  a  single 
point  in  time  is  a  critical  underpinning  of  a 
well  designed  infrastructure. 

Accessibility.  Anytime,  anywhere  access 
to  information  requires  geographically 
redundant  and  diverse  network  connectivi¬ 
ty  that  enables  workers  to  continue  opera¬ 
tions  from  various  remote  locations. 

Cost  and  Performance.  The  optimum 
design  provides  for  backup,  recovery  and 
high  availability  in  a  fashion  that  is  both 
cost-effective  and  enables  the  right  level  of 
protection  to  be  applied  to  the  appropriate 
class  of  applications  and  data. 

By  applying  different  levels  of  protection 
to  different  levels  of  information,  compa¬ 
nies  can  tie  the  right  price  and  performance 
levels  to  each  group  of  information.  “I 
compare  it  to  how  people  might  protect  per¬ 
sonal  information,”  says  Mark  Lewis,  the 
chief  technology  officer  at  EMC.  “The  most 
important  records  are  in  a  safe  deposit  box 
in  a  bank,  more  moderately  important 
records  in  a  fire  safe  in  the  house,  and  oth¬ 
ers  are  in  a  desk  drawer.  Each  method  has 
different  costs  associated  with  it  that  corre- 


FIVE  KEY  INFORMATION 
INFRASTRUCTURE  DESIGN 
PRINCIPLES 

•  REPLICATION 

•  GEOGRAPHIC  DISTANCE 

•  CONSISTENCY 

•  ACCESSIBILITY 

•  COST  AND  PERFORMANCE 
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QUESTIONS  ABOUT 
INFORMATION 
LIFECYCLE 
MANAGEMENT? 

If  you’ve  got  any  burning 

questions  about 

Information  Lifecycle 

Management — and  how 

you  can  begin 

implementing  such  a 

strategy — send  them  to 

ilm_questions@emc.com. 

We'll  answer  the  most 

frequently  asked 

questions  later  in 

this  series. 


FIVE  KEY  ENABLING 
TECHNOLOGIES 


Automatic  failover  to  a  secondary  site 

High-speed  data  transport  for  data 
replication  and  failover 


ENTERPRISE-CLASS  BACKUP 


Enterprise-wide  data  backup,  leveraging 
backup-to-disk  technologies  such  as  ATA 


REPLICATION 


Local  and  long-distance  duplication  of 
data  to  ensure  a  consistent  restart  for 
the  enterprise 


Ability  to  run  multiple  operating  systems 
and  applications  simultaneously 


vv.v.-v.-; 


spond  to  the  business  value  of  the  data.” 

Further,  if  the  CIO  can  give  a  dollar 
value  to  the  different  levels  of  protection,  it 
allows  line  of  business  executives  to  make 
decisions  based  on  numbers,  not  technical 
jargon.  “It  enables  the  CIO  to  go  to  a  busi¬ 
ness  executive  and  say,  ‘If  your  applications 
are  vital,  protecting  them  will  mean  an 
investment  of  X  dollars.  If  you  don’t  think 
you  want  to  pay  that,  you  can  have  less 
protection  for  Y  dollars,’”  Marrone-Hurley 
says.  “This  allows  the  LOB  executive  to 
weigh  information  protection  in  terms  of 
what  it’s  going  to  do  to  his  P&L,  and  they 
can  begin  to  cost-justify  the  investment  nec¬ 
essary  to  protect  each  level  of  application.” 

MANAGE  CHANGE 

Of  course,  shortly  after  you  classify  your 
applications  and  design  and  implement  the 
appropriate  level  of  protection,  your  busi¬ 
ness  requirements  will  change  and  new 
processes  and  technologies  will  be  intro¬ 
duced.  Any  protection  and  availability  pro¬ 
gram  that  does  not  anticipate  and  allow  for 
this  fact  is  seriously  flawed. 

Ron  Williams,  a  senior  manager  at  the 
operation  center  at  EarthLink,  a  $1.3  billion 
ISP  based  in  Atlanta,  says  his  company  is 
working  on  a  tiered  storage  strategy  as  a 
way  of  managing  burgeoning  data  caches  in 
conjunction  with  business  value.  “What 
EMC  has  been  doing  for  a  while  is  providing 
the  ability  to  move  data  that  needs  to  be 
accessed  faster  to  storage  that  can  deliver  it 
faster,”  he  says.  “So  much  data  changes  in 
value  so  fast,  so  we  need  to  seamlessly  tie 
tiers  together.” 

Building  a  successful  alignment  strategy  is 
an  ongoing  process,  stresses  Therkalsen. 
“New  applications  are  introduced  so  fast 
that  we  recommend  revisiting  [a  strategy] 
quarterly,  and  at  a  minimum  twice  annual¬ 
ly,”  he  says.  “If  you  don’t  turn  this  into  a 
regular  business  practice,  you’ll  have  to 
repeat  the  process  from  scratch  a  year  later.” 

More  and  more,  companies  can  use 
tools  to  create  automated  service  policies 
for  each  level.  “That’s  the  value-add  we 
expect  to  see  in  software  solutions,”  says 


Marrone-Hurley.  “We’ll  see  more  intelli¬ 
gence  going  into  software  where  it  moni¬ 
tors  service  levels  and  sets  policies.” 

In  an  era  of  global  data  centers  and  com¬ 
panies  that  have  tightly  intertwined  supply 
chains  with  partners  and  distributors,  the 
ability  to  protect  information  is  increasing¬ 
ly  vital  to  the  success  of  the  enterprise.  As 
such,  companies  must  manage  this  task  at  a 
very  high  level,  and  make  sure  that  their 
protection  and  recovery  policies  are  driven 
by  the  value  of  the  information  first  and 
foremost.  Information  Lifecycle  Manage¬ 
ment  can  help  do  that. 

“Our  vision  of  Information  Lifecycle 
Management  is  a  very  integrated  function 
where  you  can  specify  types  of  information 
protection  and  recovery,”  says  Lewis. 
“Information  protection  is  something  that 
companies  must  take  very  seriously.” 

NEXT:  In  the  next  part  of  this  series, 
we’ll  look  at  new  compliance  and 
governance  regulations. 

JVX(]2  FOR  more  information 

where  information  lives  Visit  WWW.emC.COm/ilm 

for  an  in-depth  look  at  Information  Lifecycle 

Management  products,  services  and  strategies. 
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Aruba  looks 
to  take  WLAN 
to  next  level 


Wireless  LAN  product  maker  Aruba  Wireless 
Networks  has  tapped  former  Cisco  executive  Don 
LeBeau  as  its  new  president  and  CEO.  LeBeau, 
who  most  recently  worked  in  the  consulting  and 
venture  capital  end  of  the  high-tech  industry,  saw 
Cisco’s  revenue  soar  from  about  $350  million  to 
$6  billion  during  the  mid-1990s  when  he  served 
as  the  company's  senior  vice  president  of  world¬ 
wide  sales  and  operations.  He  spoke  recently  to 
Network  World  Senior  Editor  John  Cox  about 
bringing  Aruba,  one  of  several  of  young  compa¬ 
nies  aiming  to  help  centralize  and  secure  big 
WLANs,  through  an  inevitable  market  shakeout. 


Aruba's  advantages: 

Wired  network  security  creates  a  huge  wall  around 
corporate  [IT]  resources.  Wireless  puts  a  big  garage 


door  in  that  wall,  and  trucks  can  drive  through  it. 

Wireless  security  deals  with  stuff  wired  nets  don’t. 
You  can't  control  what  the  client  devices  are: You  have 
guests,  visitors  and  temporary  users,  employees  have 
different  access  privileges.  None  of  these  [issues]  is 
necessarily  part  of  the  wired  network  space. 

Aruba’s  designers  come  from  the  corporate  net¬ 
working  world. They  architected  a  solution  so  that 
security  was  at  the  heart  of  it. 

Competing  with  Cisco: 

This  new  situation  reminds  me  of  joining  this  other 
little  company  [Cisco]  in  the  early  ’90s.  Look  at  the 
established  [network]  players  then:  IBM,  DEC  and  oth¬ 
ers,  who  felt  entitled  to  build  out  the  next-generation 
network. 

We  are  not  directly  competing  with  Ciscos  [WLAN] 
strategy  There  is  a  segment  of  the  market  that  wants  to 
see  WLANs  as  an  extension  of  the  wired  net.  Cisco  is 
the  incumbent  there. 

We  offer  a  data  center  product  that  provides  wire¬ 
less  services  at  the  perimeters  of  the  net,  without  dis¬ 
rupting  anything  in  the  wired  net.That’s  an  architec¬ 
tural  decision  that  [enterprise]  customers  have  to 
make. 

Barriers  to  growth: 

1  hear  this  whining: ‘What  if  Cisco  just  does  what  you 
do?’  If  they  do  the  same  things  and  outperform  us,  then 
we’re  competing  with  them  head  to  head.  But  the  mar¬ 
ket  demands  more  than  one  supplier. 

Our  barrier  to  growth  right  now  is  our  own  execu¬ 
tion,  not  a  specific  rival.  Even  if  Cisco  emulates  us,  the 
market  is  huge. 


The  market: 

There  is  going  to  be  a  shakeout  of  all  these  compa¬ 
nies.  It’s  very  over-invested. There  are  a  lot  more 
[WLAN]  companies  than  are  going  to  be  able  to  get 
traction.  We  believe  the  consolidation  will  take  place 
in  2004  based  on  channels  of  distribution  —  players 
[such  as  integrators  and  resellers]  with  existing  cus¬ 
tomer  relationships  with  enterprises  and  service 
providers. 

The  WLAN  companies  are  going  to  be  competing 
for  all  those  channels.  If  they  don’t  get  traction,  they’ll 
be  acquired  or  will  have  to  shut  the  doors. 

Aruba's  short-term  focus: 

One  is  to  create  a  distribution  network. We  are  mov¬ 
ing  along  very  aggressively  to  strengthen  these  rela¬ 
tionships  to  make  them  permanent  rather  than  just 
transactional. 

Second  is  to  put  together  the  organizational 
resources  to  support  very  rapid  levels  of  growth.  For 
example,  what’s  needed  in  hitting  the  first  million-dol- 
lar  quarter?  Then,  what’s  needed  to  support  the  mil- 
lion-dollar  month?  Then,  what’s  needed  for  the  mil- 
lion-dollar  week? 

Third  is  the  skill  set  required  to  integrate  a  whole 
bunch  of  other  players:  vendors  of  software  compo¬ 
nents,  applications  and  end-user  devices. 

Aruba's  technology  priorities: 

There’s  a  lot  of  energy  around  the  security  space, 
and  there  are  also  significant  changes  in  [radio 
frequency]  management.  And  there  are  a  whole 
set  of  services  being  driven  by  voice-over-lP  over 
wireless.  ■ 


Security  start-ups  offer  new  brands  of  protection 


One  customer  using  BeadWindow  100 
is  Jazzercise  of  Carlsbad,  Calif.,  which 
has  5,000  franchises  that  access  its 
Web  site. 


■  BY  ELLEN  MESSMER 

Three  security  start-ups  this 
week  are  vying  for  a  spot  in  the 
corporate  network  with  products 
designed  to  protect  data  by  mon¬ 
itoring  for  network-based  attacks 
and  stopping  outbound  transmis¬ 
sion  of  sensitive  data. 

BeadWindow  has  built  an  intru¬ 
sion-prevention  and  firewall  ap¬ 
pliance  called  BeadWindow  100 
that  sits  at  the  Internet  perimeter 
to  block  about  1,000  known 
attacks  detected  by  Snort,  the 
open  source  intrusion-detection 
system  (IDS).  The  appliance, 
which  runs  at  300M  bit/sec,  also 
can  check  outbound  traffic  flows, 
with  options  for  scanning  e-mail 
content  for  policy  violations  such 
as  attempts  to  transmit  sensitive 
customer  data. 

One  customer  using  Bead- 
Window  100  is  Jazzercise  of 
Carlsbad,  Calif.,  which  has  5,000 
franchises  that  access  its  Web  site. 
The  company  mainly  has  used 
the  intrusion-prevention  appli¬ 
ance  to  block  incoming  attacks. 

While  the  appliance,  which 


starts  at  about  $11,000,  has 
worked  well  the  past  three 
months,  the  company  says,  there 
have  been  a  few  problems  that 
required  careful  tuning. 

“We  started  out  by  blocking 
everything  that  could  be  blocked 
but  we  found  that  users  couldn’t 
access  some  applications,”  says 
David  West,  director  of  IT  at 
Jazzercise. 

BeadWindow,  founded  by  its 
President  Tim  Platt,  formerly  COO 
at  security  firm  ZNQ3,  is  privately 
funded  with  less  than  $1  million. 

A  second  start-up,  Vontu,  is 
tackling  the  challenge  of  block¬ 
ing  data  from  leaving  the  organi¬ 
zation  if  it  violates  corporate 
policy.  The  latest  version  of  its 
product,  Vontu  Protect,  which 
ships  this  week,  is  Windows  serv¬ 
er-based  software  that  sits 
behind  the  Internet-facing  fire¬ 
wall  to  monitor  outbound  e- 
mail-,  FTP-  and  HTTP-based  traf¬ 
fic  to  look  for  keywords  and  pat¬ 
terns  indicating  data  that’s  not 
supposed  to  leave  the  premises. 
If  it  sees  forbidden  data  —  such 
as  Social  Security  numbers  or 


account  information,  for  exam¬ 
ple  —  it  blocks  it  and  notifies 
the  manager. 

“It  works  by  pattern-matching 
the  file  to  specific  data  they 
don’t  want  going  out  of  the  net¬ 
work,”  says  Jim  Hurley,  vice  presi¬ 
dent  at  Aberdeen  Group.  Hurley 
says  Vontu  customers,  which  pre¬ 
fer  not  to  be  named,  report  that 
the  Vontu  product  rarely  gener¬ 
ates  false  positives  in  its  monitor¬ 
ing  of  outbound  data.  Vontu 
Protect  costs  $35  per  user,  with 
discounts  depending  on  volume. 

Vontu,  which  was  founded  by 
CEO  Joseph  Ansanelli  and  vice 
president  of  engineering  Michael 
Wolfe  —  both  former  Kana 
Communications  executives  — 


and  CTO  Kevin  Rowney,  has  $15 
million  in  venture  capital  from 
Benchmark  Capital  and  Venrock 
Associates,  among  others. 

The  third  security  start-up  mak¬ 
ing  its  debut  is  Protego  Net¬ 
works,  which  has  developed 
what  it  calls  the  Mars  line  of 
threat  management  security 
appliances.  These  appliances 
combine  a  number  of  security 
functions:  collecting  network 
topology  information;  vulnerabil¬ 
ity  scanning  for  network  and 
application  holes;  and  aggregat¬ 
ing  information  from  firewalls 
and  IDS  to  provide  a  bird’s-eye 
view  of  security. 

Currently,  the  Mars  appliance 
line  is  limited  to  gathering  event 


information  generated  by  Check 
Fbint,  Cisco  and  NetScreen  Tech¬ 
nologies  IDSs  and  firewalls. 

The  Mars-50,  Mars-100,  and 
Mars-200,  which  cost  $15,000, 
$45,000  and  $75,000,  respectively, 
are  mainly  differentiated  by  the 
number  of  firewall  and  IDS  each 
can  support  via  the  manage¬ 
ment  console.  Mars-200  supports 
up  to  500  devices  reporting 
10,000  events  per  second. 

The  vulnerability  scans  on  the 
equipment  work  via  integration 
with  Nessus  freeware  and  the 
eEye  Digital  Security's  Retina 
scanner.  Protego  was  founded  by 
its  CTO  Partha  Bhattacharya,  for¬ 
merly  technical  lead/architect  at 
Cisco  for  firewalls,  ISO  security 
and  IDS,  with  $6.3  million  in  ven¬ 
ture-capital  funding  from  Mira¬ 
mar  Ventures.® 
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Your  mobile  workforce.  An  army  of  productivity  or  multiple  points  of  entry  ripe  for  intruders?  Enter  the  self-defending  network,  with  integrated  security  woven  throughout.  A  line  of 
defense  that  delivers  security  where  security  is  needed.  Wherever  you  do  business.  Inside  the  intranet.  Outside  the  intranet.  Across  the  Internet.  Even  in  hotel  rooms  on  the  other 
side  of  the  planet.  So  your  jet-lagged  mobile  workers  stay  safe  and  secure.  And  your  business  keeps  marching  forward.  To  learn  more  about  how  Cisco  can  help  plan,  design  and  manage 

your  network  security,  visit  cisco.com/securitynow.  SELF-DEFENDING  NETWORKS  PROTECT  AGAINST  HUMAN  NATURE. 
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CAN  YOUR  SOFTWARE  TELL  YOU  WHICH  ONE? 


Business  Service  Management  solutions  from 
BMC  Software®  can.  They  automatically  prioritize 
IT  management  issues  according  to  business 
importance  and  alert  you  before  potential  problems 
can  impact  performance.  They  also  let  you  prioritize 
IT  investments  and  resource  allocations  to  optimize 
your  business  results.  So  you  can  solidly  align  your 
IT  investments  with  strategic  business  goals.  And 


protect  the  delivery  of  vital  business  services  like 
online  transactions,  sales,  customer  service,  logistics 
and  distribution — whatever  is  most  critical  to  your 
company's  success.  It's  enterprise  management 
software  that  works  with  your  existing  IT  resources 
to  let  you  manage  what  matters  from  a  business 
perspective  and  execute  with  precision.  Find  out 
how  at  www.bmc.com/bsm34 
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■  IBM  is  offering  a  program  to  push 
its  enterprise  software  running  on 
Linux  as  an  alternative  to  Microsoft 
software  running  on  that  company’s 
soon-to-be  discontinued  Windows  NT 
operating  system.  The  program  offers 
business  partners  free  migration 
classes  and  discounts  on  software 
and  services  for  users  moving  to  IBM 
software  running  on  Linux.  Microsoft 
is  discontinuing  support  and  security 
patches  for  NT  by  year-end,  requiring 
nearly  2  million  customers  to  develop 
a  migration  strategy,  IBM  said.  Big 
Blue  also  is  offering  discounts  on 
Lotus  Domino  running  on  Linux  for 
any  IBM  eServer,  including  its  zSeries 
mainframe,  to  customers  moving 
from  Windows  programs  such  as 
Microsoft  Exchange.  Special  migra¬ 
tion  programs  also  are  being  offered 
from  Microsoft  SQL  Server  to  DB2 
Universal  Database  on  Linux  and  for 
security  and  network  management 
migrations. 

■  Sun  last  week  agreed  to  acquire 
privately  held  Nauticus  Networks, 

which  makes  content  switches  for  the 
data  center,  in  a  move  that  could  pro¬ 
vide  a  technology  boost  for  its  blade 
servers.  Nauticus  makes  a  family  of 
switches  called  the  N2000  Series, 
designed  to  help  companies  ensure 
the  security  and  availability  of  Web- 
based  applications.  The  switches  are 
based  on  a  Nauticus  chipset  known 
asTideRunner  and  offer  Secure 
Sockets  Layer  acceleration,  load  bal¬ 
ancing,  virtualization  and  other  func¬ 
tions.  Sun  is  likely  to  integrate 
Nauticus'  technology  with  its  blade 
server  offerings,  although  it’s  too  soon 
to  talk  about  when  that  will  happen, 
Sun  said. 

■  Start-up  Candera  announced  this 
week  a  storage  appliance  that 
uses  inexpensive  Advanced  Tech¬ 
nology  Attachment  drives.  The 
Candera  ATA  Appliance  consists  of 
two  SCE-510  storage  virtualization 
appliances  and  has  disk  capacity  of 
4T  to  16T  bytes.  It  supports  RAID  0, 
0+1,  3,  5. 10,  30  and  50.  The  appliance 
starts  at  $86,500  for  4T  bytes. 


at  Monster.com 


Monster  com  has  ridden  through  a 
decade  of  boom  and  bust  since  its 
founding  in  1994,  but  as  one  of  the 
first  Internet-based  job-search  sites, 
technology  has  always  been  at  its 
core.  Recently,  the  firm  started  to 
integrate  its  Nortel  Meridian  PBX 
with  the  vendor's  Succession  MX 
media  sewer,  a  Session  Initiation 
Protocol-based  IP  PBX  and  commu¬ 
nications  sewer,  at  its  headquarters  in  Maynard,  Mass. 
Aaron  Branham,  vice  president  of  operations  at 
Monster  Technologies,  the  IT  arm  of  the  e<omrnerce 
outfit,  discussed  the  benefits  of  SIP  technology  with 
Network  World  Senior  Editor  Phil  Hochmuth. 

What  are  Monster's  plans  for  IP  telephony  and  VoIP? 

We’ve  used  VoIP  for  a  couple  of  years  in  various  parts  of 
the  company  with  various  levels  of  success.The  Nortel  VoIP 
solution  has  been  used  by  the  technical  teams  in  the  U.S. 


and  has  worked  great.  We  are  deploying  it  in  the  Prague 
office,  which  we  are  expanding  a  lot. 

What  benefits  do  you  hope  to  get  out  of  Nortel-based  IP  telephony 
technology? 

IP  telephony  provides  several  operational  and  productiv¬ 
ity  gains.There  is  the  reduced  infrastructure  costs  related  to 
cabling  —  the  phone  uses  one  cable,  and  then  you  can 
daisy  chain  your  computer  to  the  phone.  In  a  traditional 
setup, you  would  have  to  run  two  [network]  cables.  Moving 
cubes  or  offices  is  a  lot  easier  as  the  phones  automatic¬ 
ally  configure  on  the  network  when  you  move  them.The 
productivity  gains  are  in  the  integration  with  the  voice  mail 
and  e-mail  systems.The  call  forwarding  and  other  features 
also  allow  the  staff  to  manage  their  communications  better. 

Have  you  looked  into  the  total  cost  of  ownership  involved  with  this 
technology?  How  does  it  compare  to  traditional  phone  technology? 

The  problem  with  large  installed  phone  systems  is  they 
are  capitalized  over  five  to  10  years, so  depending  on 
where  you  are  on  that  cycle  it  can  be  costly  to  replace  an 
existing  system.There  are  real  savings  for  the  home  office 

See  Monster,  page  26 


WLAN  technology  protects  and  serves 


c  \ 

Making  a  move 

Public  safety  departments  are  adopting  GPRS  or  CDMA  data  services 
for  reach  and  throughput.  Many  also  are  adding  WLANs  for  moving  big 
files.  Third-party  applications  play  a  key  role  for  encryption,  VPN 
support,  dynamic  IP  addressing  and  client  management. 


Base  station  Middleware  headquarters 
server 


O  Laptop  connects  to  GPRS  ©  Middleware  application  handles  ©  Iruiser  parks  near  WLAN  hot  spot 
network  at  56K  bit/sec,  about  128-bit  encryption,  VPN  logon,  to  download  maps,  photos, 

three  times  COPD  speed.  dynamic  IP  addressing.  building  plans,  anti-virus  files. 

c _ 


■  BY  JOHN  COX 

There’s  one  group  of  users  for  whom 
“next-generation”  wireless  data  networks 
are  actually  a  reality:  municipalities  and 
public  safety  departments  abandoning 
Cellular  Digital  Packet  Data  networks. 

In  most  cases,  they’re  being  forced  to 
abandon  the  19.2K  bit/sec  networks  be¬ 
cause  the  carriers  that  provide  them,  with 
FCC  blessing,  are  phasing  them  out  in  favor 
of  either  GSM/General  Packet  Radio  Ser¬ 
vice  (GPRS)  or  Code  Division  Multiple  Ac¬ 
cess  (CDMA)-based  cellular  offerings,  with 
speeds  roughly  three  times  that  of  CDPD. 

That’s  far  short  of  the  3G  cellular  speeds 
promised  in  Enhanced  Data  Rates  for 
Global  Evolution  or  CDMA  lxEVDO  net¬ 
works.  But  public  safety  users  are  cost-con¬ 
scious  and  even  more  worried  about  get¬ 
ting  coverage  and  reliability  Many  of  these 
users  are  taking  advantage  of  the  migration 
to  also  incorporate  high-bandwidth,  short- 
range  wireless  LAN  (WLAN)  connectivity 
into  police  cruisers, ambulances, fire  trucks 
and  other  vehicles. 

The  carriers,  such  as  AT&T  Wireless, 


Cingular  Wireless, Sprint  PCS,T-MobiIe  and 
Verizon,  are  wooing  their  existing  CDPD 
customers,  and  each  other’s,  often  by  dis¬ 
counting  or  giving  away  cellular  adapter 
cards.  They’re  also  forming  partnerships 
with  software  vendors,  such  as  Padcom 
and  NetMotion  Wireless.  These  applica¬ 


tions  are  needed  for  creating  more  secure 
data  encryption  and  for  handling  dy¬ 
namic  IP  addressing  in  the  higher-speed 
cell  networks. 

The  Fremont  Police  department  in 
California  and  the  city  of  Aurora,  Colo., 

See  WLAN,  page  26 
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January  has  rolled  around  again,  and 
it’s  time  to  hand  out  Wired  Windows’ 
annual  Network  MVP  Award. This  vir¬ 
tual  award  (there’s  no  plaque,  no  trophy  no 
diamond  ring  and  certainly  no  big  check) 
is  given  each  year  to  the  person  (s)  who  — 
in  my  estimation  —  have  done  the  most  to 
further  their  organization’s  network  agenda 
during  the  previous  year. 

Just  like  most  sports’  MVP  awards,  this 
one  is  entirely  subjective.  However,  that 
doesn’t  mean  I  hand  it  out  to  someone  1 
think  fondly  of.  Over  the  past  few  years,  I’ve 
often  referred  to  this  person  in  a  very  sar¬ 
castic  way  lambasting  his  people  skills  and 


Network  MVP:  And  the  winner  is . 


technical  knowledge.  I’ve  even  taken  him 
to  task  over  his  business  skills.  Neverthe¬ 
less,  he  did  something  in  2003  that  I  never 
believed  he  could  and  that  hadn’t  been 
seen  or  heard  in  many  a  year. 

Jack  Messman  made  Novell  relevant 
once  again. 

From  even  before  March  2001  (when 
Messman  became  CEO  at  Novell)  until 
March  2003,  the  most  often  used  adjectives 
in  stories  about  Novell  were  “former  net¬ 
working  giant”  or,  simply  “irrelevant.”  Last 
year, though,  Messman  started  by  acquiring 
Linux  desktop  powerhouse  Ximian,  then 
he  announced  that  the  upcoming  NetWare 
7  would  run  on  a  Linux  kernel,  and  he  fol¬ 
lowed  that  by  purchasing  SuSe  for  its  Linux 
distribution.  Metaphorically,  he  succeeded 
in  grabbing  the  network  community  by  the 
collar,  shaking  it  thoroughly  and  making 
sure  it  paid  attention  to  the  former-and-will- 
be-again  “networking  giant.” 


It’s  not  just  me  who  thinks  so,  by  the  way 
Novell’s  stock  went  up  more  than  200%  in 
2003,  making  it  the  fifth-best  performer  in 
the  market.  Only  once  before  had  Novell 
done  as  well,  back  in  the  “glory  days”  of 
1991  when  it  was  the  second-best  perform¬ 
ing  stock  basking  in  the  glow  of  an  over¬ 
whelming  edge  in  the  LAN  market  and  the 
looked-forward-to  Novell  Directory  Service 
(now  eDirectory). 

The  company  fell  on  hard  times  after  its 
disastrous  acquisitions  in  1993  (Unix,  Dig¬ 
ital  Research)  and  1994  (WordPerfect), and 
it  took  almost  10  years  to  regain  some  of  its 
former  strength.  But  most  companies  don’t 
ever  get  the  change  to  “regain”  anything.  We 
can’t  know  what  the  future  will  bring  but 
for  now  the  MVP  choice  is  easy.  So  here’s  to 
you,  Jack  Messman. You  did  good;  you  de¬ 
serve  this  award. 

Kearns,  a  former  network  administrator,  is 
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a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@ 
uquill.com. 


Previous  winners  of  the 

Wired  Windows’  Network 
MVP  award  have  been  HP’s 
Carly  Fiorina  (2001),  Radiant 
Logic’s  Michel  Prompt 
(2000),  Bowstreet’s  Frank 
Moss  and  Jack  Serfass 
(1999),  Directory  Enabled 
Networks  co-chairs  John 
Strassner  and  Steven  Judd 
(1998),  and  Novell's  Eric 
Schmidt  (1997). 
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continued  from  page  25 

as  you  can  give  the  appearance  and 
full  functionality  of  a  work  PBX.There 
are  also  challenges  with  a  home 
office  and  the  [quality  of  service] 
and  bandwidth  needed  to  have  the 
phones  work  properly  It’s  not  right  for 
every  situation  today.  Other  compa¬ 
nies  need  to  look  at  it  on  a  case-by¬ 
case  basis. 

Do  you  see  value  in  SIP?  What  value  could 
SIP  applications  add  at  Monster? 

We  see  SIP  as  a  driver  for  increased 
user  mobility  and  collaboration.  It 
could  help  improve  the  way  our  em¬ 
ployees  manage  their  day-to-day  activi¬ 
ties  and  provide  increased  flexbil- 
ity  so  that  our  employees  can  work 
transparently  no  matter  where  they 
are.  SIP’s  multimedia  support  could 
also  help  us  to  build  new  services  that 
benefit  our  customers  in  ways  never 
before  realized. 

Any  plans  for  multimedia  and  SIP? 

Video  calling  has  great  potential  for 
us,  not  only  maintaining  close  collabo¬ 
ration  between  our  people  who  are 
dispersed  geographically,  but  also  as  a 
tool  for  our  clients  who  could  poten¬ 
tially  be  around  the  world. This  means 
that  we  can  expand  our  footprint  and 
service  coverage  without  today’s  limi¬ 
tations  or  costs  due  to  travel. 

Does  SIP  bring  any  operational  benefits? 

In  terms  of  communications  control, 
SIP  provides  great  manageability. 
Employees  can  choose  to  use  an  IP 
Jephone  —  a  hard  client  —  while  in 


the  office  or  a  soft  PC  client  while  out 
of  town,  maybe  from  the  hotel.  Em¬ 
ployees  can  also  choose  to  integrate 
their  home  phones  or  cell  phones  into 
the  equation.  For  our  employees,  it 
means  productivity  and  business  con¬ 
tinuity  Our  people  can  take  back  lost 
time.  An  example  of  this  is  if  one  of 
our  people  needs  to  be  at  home  for 
the  day  for  personal  reasons,  they  have 
complete  transparency  [to  the  office] . 
And  for  calls,  they  can  manage  who 
can  call  them,  the  time  of  day  and  day 
of  week  they  can  be  reached.They 
can  screen  their  messages.  For  those  of 
us  looking  to  connect  with  each  other, 
presence  features  [on  the  MX  server] 
provide  a  real-time  information  on  a 
person’s  status  —  whether  they’re  on 
the  phone,  connected  [online  with 
e-mail]  or  whatever.  It’s  automatic. 

How  has  the  economy  affected  your  busi¬ 
ness?  Because  more  unemployment  would 
seem  to  indicate  more  job  seekers,  has 
your  Web  infrastructure  seen  any  traffic 
increases?  If  so,  has  this  called  for  any 
upgrades? 

Monster  gets  most  of  its  revenue 
from  the  companies  and  a  small  per¬ 
centage  from  job  seekers,  so  Mon¬ 
ster  does  better  in  a  good  economy 
with  a  tight  job  market.  During  the  eco¬ 
nomic  downturn  our  revenue  stayed 
mostly  flat,  which  means  we  did  a  lot 
better  then  most  other  Internet  compa- 
nies.Traffic  to  the  site  hasn’t  increased 
at  100%  a  year  —  or  more  —  like  it 
did  during  the  earlier  years  but  we  see 
it  picking  up  now  and  expect  to  have 
our  highest  traffic  ever  next  year.  We 
have  used  the  time  to  clean  up, 
improve  and  catch  up  our  infrastruc¬ 
ture,  and  we  believe  we  are  prepared 
for  strong  growth  next  year.  ■ 
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public  safety  department  are  making  the 
shift  from  CDPD  to  GSM/GPRS.  In  both 
cases,  the  GPRS  carrier  is  AT&T  Wireless. 

Fremont  had  used  the  AT&T  Wireless 
CDPD  network  for  its  80  cruisers  for  com¬ 
puter-aided  dispatching,  says  Pam 
Lutzinger,  IS  manager  for  the  police  depart¬ 
ment.  Dispatchers  sent  calls  wirelessly  to 
the  laptops  mounted  in  the  cruisers. 
Officers  used  the  network  to  query  state 
crime  and  other  databases. 

“We  have  [CDPD]  coverage  issues  where 
we  are,”  Lutzinger  says.“It’s  a  large  area  with 
rough  terrain.”  The  GPRS  network  fills  in 
those  gaps  and  nearly  triples  the  band¬ 
width  to  56K  bit/sec  or  higher. 

Aurora  had  used  an  800-MHz  data  system 
from  Motorola  for  dispatching  and  messag¬ 
ing  to  laptops  mounted  in  about  300  police 
and  fire  vehicles.  The  city  began  to  imple¬ 
ment  a  shift  to  CDPD  in  mid-2001,  installing 
161  modems.  But  a  February  2002  letter 
from  AT&T  Wireless  announced  that  CDPD 
services  would  be  discontinued  by  mid- 
2004.“That  was  our  big  shock,” says  Michael 
Bedwell.the  city’s  manager  of  public  safety 
systems.Then  the  city  started  again  to  eval¬ 
uate  services,  software  and  hardware. 

Both  municipalities  needed  to  solve  two 
main  problems.  One  is  that  CDPD’s  encryp¬ 
tion  is  better  than  GPRS,  128-bit  compared 
with  64-bit. 

The  second  is  that  CDPD  used  static  IP 
addresses.  That  is,  each  modem  had  a  per¬ 
manent  IP  address.  This  meets  federal 
Department  of  Justice  requirements, 
Lutzinger  says.  The  Justice  Department  re¬ 
quires  use  of  a  static  address  before  allow¬ 
ing  access  to  law  enforcement  and  other 
databases.  But  GPRS  networks  have  a  block 
of  IP  addresses  that  are  handed  out  as 
needed  by  a  Dynamic  Host  Configuration 
Protocol  service.  Bedwell  says  related  to 
this  is  the  need  to  maintain  a  persistent  net¬ 
work  connection  as  a  vehicle  passes  from 


one  cell  tower  footprint  to  another. 

Fremont  remained  with  its  software  ven¬ 
dor,  Padcom,  to  solve  both  problems.  Aurora 
chose  NetMotion  Wireless  as  its  middleware 
vendor.  Both  packages  use  128-bit  encryp¬ 
tion,  and  both  create  what  appears  to  be 
static  IP  address  for  a  user’s  session. 
Lutzinger  and  Bedwell  say  both  packages 
installed  easily  ran  smoothly  and  are  invisi¬ 
ble  to  police  and  firefighters. 

One  difference  in  the  two  implementa¬ 
tions  is  that  Fremont  uses  a  Sierra  Wireless 
GPRS  card  that  fits  directly  into  the  laptops, 
which  then  are  locked  into  an  in-vehicle 
mounting.  Aurora  selected  a  fixed  GPRS 
modem  mounted  in  the  trunk,  with  a  high- 
gain  antenna.  The  laptop,  permanently 
installed  in  front,  is  linked  by  a  cable  to  the 
modem.  “We  thought  this  was  easier  to 
maintain  and  more  durable,"  Bedwell  says. 

Both  cities  also  added  802.11b  1 1 M 
bit/sec  WLAN  cards  from  Cisco  to  the  pub¬ 
lic  safety  laptops  and  WLAN  access  points, 
wired  back  into  the  city  network,  on  vari¬ 
ous  city-owned  buildings  or  sites  such  as 
municipal  fuel  pumps.  The  Padcom  and 
NetMotion  applications  transparently  man¬ 
age  the  handoff  between  the  GPRS  and 
WLAN  networks. 

The  WLAN  connection  is  being  used 
more  often  in  Aurora.  Bedwell  bought 
Wavelink’s  software  to  manage  the  mobile 
clients  and  the  WLAN-based  transfers  of 
everything  from  virus  updates  to  building 
floor  plans  and  maps.Wavelink  automates 
many  of  the  file  transfers.  If  a  dispatch  call 
sends  the  cruiser  on  its  way  before  a  trans¬ 
fer  finishes,  the  Wavelink  software  sets  a 
“bookmark”  and  resumes  the  transfer  the 
next  time  the  cruiser  is  back  in  range  of  an 
access  point. 

In  both  cities,  police  report  that  they  can 
check  photo  databases  and  clear  routine 
inquiries  much  faster  than  before.  Bedwell 
says  police  officers  at  first  swore  they’d 
never  use  a  location  mapping  application 
because,  they  told  me,  “we  know  where 
we’re  going.”  ■ 


HP  ProCurve  Networking  solutions  adapt  to  critical 
vulnerabilities,  minimize  risks  and  protect  information  assets. 
They've  also  been  known  to  make  CFOs  smile. 

Affordable  HP  ProCurve  Networking  solutions  place  security  at  the  network  edge,  where 
users  connect.  Creating  a  virtual  lobby  within  your  network  where  users  are  immediately 
identified  and  escorted  to  the  areas  of  the  network  that  they  are  permitted  to  visii  Preventing 
unauthorized  traffic  and  potential  security  threats  while  protecting  your  assets. 

To  see  how  HP  ProCurve  Networking  solutions  can  work  for  you,  call  1-800-9  -/683 

code  25  or  visit  www.hp.com/go/procurve  to  schedule  a  free  network  design. 
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AKE  YOUR  NETWORK  BEYOND  CONVENTION 


In  an  extreme  world... 


GO  BEYOND 

WITH  EXTREME  NETWORKS 


At  Extreme  Networks,  we  amplify  network  performance  and  function  by 
mtinually  challenging  the  status  quo  of  networking.  Our  switching 
solutions  build  efficient  wired  and  wireless  Ethernet  and  iP  infrastructures 
hat  deliver  best-in-class  scalability,  performance  and  security. 


Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web  at 

www.extremenetworks.com/go/beyond.htm 


e  elevate  the  relationship  between  the  network  and  applications, 
isers  and  the  business  as  a  whole.  How’s  that  for  a  switch ?  ©  2003  Extreme  Networks,  Inc.  All  Rights  Reserved. 
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2  Tests  reveal  depth  of  NEC's  enterprise  strategy  for  VoIP  over  wireless 

NEC  extends  enterprise-level  Quality-of-Service  to  its  own  VoIP  gear  to  ensure 
bandwidth  precedence  to  latency-sensitive  voice 

2  Dell  PowerConnect  3348  excels  over  rival  switches  in  Fast  Ethernet, 
GbE  tests 

PowerConnect  3348  proves  that  it  delivers  the  highest  throughput  when  tested  under 
stressful  network  conditions 

4  Symbol  Technologies  outpaces  rival  in  multidimensional  array  of 
wireless  tests 

Symbol  WS  5000  Wireless  Switch  demonstrates  performance  and  mobility  advantages 
over  rival  access  point 

0  Foundry  Serverlron  400  secures  applications  against  Gigabit-rate  DoS 
attack  while  serving  up  peak  performance 

Protects  server  farms  from  wire-speed  Gigabit  DoS  attacks  and  offers  high  connection 
rates  at  Layer  3/4 

0  Dell  switch  earns  bevy  of  Tolly  Verified  certifications 

PowerConnect  3348  receives  Tolly  Verified  certifications  in  16  categories  covering 
core  switch  functions 


Y  Avaya  VoIP  solution  serves  up  prime  performance  for  TTY  (TDD)  over  IP 

Exhibits  zero  error  rate  in  G.711  tests  even  when  packet  loss  escalates  to  10%  and 
near  flawless  in  G.729  tests 


About  Tolly  Benchmarks _ 

Tolly  Benchmarks  is  a  regular  advertising  supplement  that  highlights 
innovative  and  compelling  technology  research  conducted  by  The  Tolly 
Group,  the  industry's  leading  independent  testing  and  strategic  consulting 
organization  based  in  Boca  Raton,  FL.  For  more  information  on  any  of  the 
products  or  technologies  covered  here,  visit  The  Tolly  Group's  Web  site 
at  http://www.tolly.com,  send  E-mail  inquiries  to  info@tolly.com,  call 
(561)  391-5610  or  fax  (561)  391-5810. 

Tolly  Benchmarks 


THE 

TO  L  LY 

GROUP 

WWW.TOLLY.COM 


Special  Advertising  Section 


January  2004 


Tests  reveal  depth  of  NEC's  enterprise 
strategy  for  VoIP  over  wireless 

j  Throttles  back  non  real-time  data  with  QoS  active  when  VoIP  sessions  traverse  the  NEC  WL1200  Series 
Access  Point 

Q  Supports  up  to  14  VoIP  phones  per  wireless  access  point 

Q  Achieves  interrupt-free  hand-off  in  same-switch/different  switch/different-switch/different-subnet  deployments 

O  Delivers  average  wireless  system  latency  of  3  milliseconds,  proving  that  infrastructure  should  not  impact 
wireless  session  performance 


Project  Profile 


Sponsor:  NEC® 

Products  under  test: 

•  NEC  WL2000  Series  Wireless  Controller  Version 
1.2.59.6  (FCS) 

•  NEC  WL1200  Series  Access  Point  Version  1 .2.59.6  (FCS) 

♦  WL1200a  (802.11a) 

♦  WL1200  b  (802.11b) 

♦  WL1200ab  (dual  band  802.11a/b) 

Product  class:  10/100  Mbps  Wireless  Controller  and  IEEE 

802.11b  Access  Point 

Document  number:  203142 

Testing  window:  September  2003 

For  more  info  on  this  test,  visit: 

http://www.tolly.com/DocDetail.  aspx?DocNumber=203142 

hile  some  vendors  just  now  are  pushing  voice  over  IP 
(VoIP)  as  a  viable  wireless  service,  NEC  has  already 
extended  enterprise-level  Quality-of-Service  to  its  own  VoIP  gear 
to  guarantee  bandwidth  precedence  to  latency-sensitive  voice. 


than  sufficient  bandwidth  available  to  provide  good  quality 
voice  service. 

While  9.77  Mbps  of  traffic  was  generated  by  a  wired  PC, 
only  approximately  2.68  Mbps  of  traffic  was  received  by 
the  wireless  PC  while  the  VoIP  sessions  were  active.  By 
the  time  each  VoIP  session  was  terminated,  the  wireless 
PC  was  receiving  roughly  6  Mbps,  which  approximates 
the  maximum  bandwidth  that  a  single  station  can 
receive  in  an  802.11b  WLAN. 

Tolly  Group  engineers  also  tested  session  hand-off 
between  APs.  This  test  verified  that  telephone  conversa¬ 
tions  remain  uninterrupted  when  migrating  from  AP  to 
AP  on  various  combinations  of  controller  location  and 
IP  subnetworks.  Engineers  discovered  that  the  best 
session  "hand-off"  time  between  APs  was  as  low  as  31 
milliseconds  -  which  should  not  have  any  adverse  impact 
of  voice  quality  or  session  state. 

From  a  latency  standpoint,  the  average  latency  of  3  ms. 
illustrates  that  the  wireless  infrastructure  will  not  introduce 
significant  delay  into  the  system. 


Tests  conducted  this  past  fall  on  NEC's  WL2000  Series  Wireless 
Controller  and  WL1200  Wireless  Access  Point  show  that  the 
devices  throttle  back  non-real-time  data  with  QoS  active  as  VoIP 
traffic  traverses  the  WL1200  Access  Point.  Moreover,  tests  verify 
that  the  WL1200  AP  supports  up  to  14  VoIP  phones  per  AP  and 
delivers  an  average  system  latency  of  3  milliseconds.  NEC  com¬ 
missioned  The  Tolly  Group  to  perform  the  tests  in  September 
2003;  The  Tolly  Group  maintained  full  control  over  all  testing. 

On  the  QoS  side,  tests  proved  that  the  bandwidth  throttling  was 
dynamic  by  illustrating  that  the  data  traffic,  which  was  generating 
sufficient  traffic  to  "overload"  the  access  point  was  throttled  back  in 
the  presence  of  VoIP  sessions  and  subsequently  was  allowed  to 
consume  additional  bandwidth  as  VoIP  sessions  were  removed  - 
or  terminated  -  from  the  network.  Given  that  IEEE  802.11b 
networks  are  relatively  slow  and  implement  a  shared-bandwidth 
architecture,  providing  QoS  is  far  from  being  just  an  "academic" 
feature.  While  voice  quality  was  not  measured,  the  bandwidth 
was  throttled  down  to  such  a  level  that  there  was  likely  more 
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Dell  PowerConnect  3348  excels  over  rival 
switches  in  Fast  Ethernet,  GbE  tests 


j  Outperforms  3Com  and  Cisco  switches  consistently  in  Layer  2  throughput  tests  using  "uplink 
stress  test"  for  Fast  Ethernet  to  Gigabit  Ethernet  uplink  traffic  flow 

j  Exceeds  throughput  of  SuperStack  3  Switch  4400  by  30%  and  Catalyst  2950  by  48%  in  Layer 
2  throughput  tests  of  64-byte  frames 

j  Forwards  87%  of  the  maximum  theoretical  rate  for  64-byte  frames,  plus  91%  of  the  maximum 
theoretical  rate  for  both  512-byte  and  1,518-byte  frames 


Dell  Inc.'s  PowerConnect  3348 

emerged  from  a  competitive  show¬ 
down  of  popular  Fast  Ethernet/Gigabit 
Ethernet  switches  by  proving  that  it  deliv¬ 
ers  the  highest  throughput  when  tested 
under  stressful  network  conditions. 

Dell  commissioned  The  Tolly  Group  to 
benchmark  the  performance  of  its 
PowerConnect  3348,  an  enterprise  edge 
switch.  The  PowerConnect  3348  provides 
48  managed  Fast  Ethernet  ports  with  two 
Gigabit  Ethernet  uplinks  (built-in  copper, 
optional  fiber);  Dell  also  offers  a  24-port 
version  of  the  switch.  Dell  requested  that 
The  Tolly  Group  test  the  performance  of 
two  other  rival  switches:  3Com  Corp.'s 
SuperStack  3  Switch  4400  and  Cisco 
System's  Catalyst  2950.  Each  of  the 
devices  provides  48  Fast  Ethernet  ports 
with  two  GBIC  slots. 


The  Tolly  Group  conducted  zero-loss 
(0.001%)  bi-directional  throughput  tests 
on  all  three  switches,  subjecting  them  to 
test  scenarios  in  which  traffic  of  64-byte, 
512-byte  and  1,518-byte  frames  was 
utilized  in  a  challenging  port  mapping 
configuration  that  forced  traffic  from  the 
"low"  Fast  Ethernet  ports  to  the  "high" 
Gigabit  Ethernet  port  and  vice  versa. 

Engineers  created  a  traffic  flow  in  which 
10  Fast  Ethernet  ports  transmitted  traffic 
to  one  Gigabit  Ethernet  port,  another  set 
of  10  Fast  Ethernet  ports  transmitted  data 
to  the  second  available  Gigabit  Ethernet 
port  and  the  remaining  Fast  Ethernet  ports 
exchanged  data  in  a  full  mesh.  Under 
this  uplink  stress  traffic  scenario,  The  Tolly 
Group  witnessed  the  capability  of  the  various 
switches  to  respond  to  the  traffic  flows. 

In  zero-loss  bidirectional 
throughput  (64-byte  frames), 
the  PowerConnect  3348 
delivered  87%  of  the  theoret¬ 
ical  maximum,  zero-loss 
throughput  or  an  aggregate 
of  17,679,464  frames- 
per-second  (fps).  By  contrast, 
the  Cisco  Catalyst  2950 
managed  only  59%  of  zero- 
loss  throughput  and  the 
3Com  SuperStack  3  Switch 
4400  managed  just  67%  of 
zero-loss  throughput  for  the 
same  test. 

In  fact,  the  PowerConnect 
3348  offered  superior 
performance  to  the  two 
rival  switches  in  Layer  2 
throughput  tests  for  all 
frame  sizes  tested. 

The  PowerConnect  3348 
demonstrated  its  greatest 
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Sponsor:  Dell,  Inc. 

Products  under  test: 

•  Dell  PowerConnect  3348 
Version  1.0.0.52 

•  3Com  Corp.  SuperStack  3 
Switch  4400  Version  3.0 

•  Cisco  Systems  Catalyst  2950, 

IOS  12.1  (13)EA1 

Product  class: 

•  Layer  2  Fast  Ethemet/Gigabit 

Ethernet  switches 
Document  number:  203115 
Testing  window:  August  2003 
For  more  info  on  this  test,  visit: 

http://www.tolly.com/DocDetail. 

aspx?DocNumber=203116 


throughput  in  bi-directional  zero-loss  tests 
of  1,518-byte  frames.  Here  the  Dell  switch 
achieved  91%  of  the  theoretical  max 
throughput,  versus  just  73%  for  the  3Com 
SuperStack  3  Switch  4400  and  62%  for 
the  Cisco  Catalyst  2950. 

The  message  is  clear;  the  PowerConnect 
3348  delivers  consistent  performance 
gains  over  the  Cisco  and  3Com  switches, 
regardless  of  frame  sizes  tested. 


D0LL 


Percent  of  Theoretical  Maximum  Zero-Loss 
(<  0.001%)  Throughput 

48  Fast  Ethernet  +  2  Gigabit  Ethernet  Ports 
as  Reported  by  SmartFlow 
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Symbol  Technologies  outpaces  rival  in 


O  Offers  more  than  2.5  times  the  mobile  battery  life  with  multi-BSS  than  provided  by  Cisco 
Aironet  1220  AP 

O  Outperforms  Cisco  Aironet  1220  AP  by  more  than  27%  in  tests  of  multi-BSS  throughput 

j  Delivers  30%  greater  throughput  than  the  Cisco  Aironet  1220  AP  when  handling  roaming  data 
transfers 

O  Adds  lower  latency  than  the  Cisco  Aironet  1220 
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Sponsor:  Symbol  Technologies,  Inc. 

Products  under  test: 

•  Symbol  WS5000/AP100  1.1. 4.30SP1 

•  Cisco  Systems  Inc.  AP  1220B  5.02.12 
Product  class:  Wireless  Switch/Access  Port  System 
Document  number:  204100 

Testing  window:  December  2003 

For  more  info  on  this  test,  visit:  http://www.symbol.com/tg 


Roaming  Performance -TCP  Throughput 

(as  Reported  by  Chariot) 
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The  Tolly  Group  tested  a  Symbol  WS  5000  wireless 
switch  and  AP  100  Access  Port  against  a  Cisco 
Systems  Aironet  1220  Access  Point.  In  essence,  testing 
pitted  the  old-world  'fat'  wireless  architecture  of  the 
Aironet  1220  AP  (where  all  wireless  intelligence 
resides)  versus  the  streamlined  Symbol  wireless 
switch  approach,  where  the  switch  offers  centralized 
intelligence  to  slimmed  down  access  ports. 

Tolly  Group  engineers  tested  the  wireless  TCP  through¬ 
put  of  both  solutions  and  found  that  devices  offer  almost 
identical  throughput  of  6.24  Mbps  for  the  Symbol  WS 
5000  and  6.21  Mbps  for  the  Cisco  Aironet  1220. 


Performance  differences  began  to  emerge  when  Tolly  Group 
engineers  measured  throughput  when  supporting  multiple 
wireless  broadcast  domains  (BSSIDs)  and  when  supporting 
users  as  they  roam  from  AP  to  AP.  In  the  case  of  multi-BSS 
performance,  Symbol's  WS  5000  outperformed  the  Cisco 
Aironet  1220,  delivering  6.13  Mbps  of  aggregate  throughput, 
or  27%  more  throughput  than  the  4.83  Mbps  of  the  Cisco 
Aironet  1220.  This  performance  indicates  that  the  Symbol 
wireless  switch  -  and  its  support  for  four  wireless  broadcast 
domains  (BSSIDs)  per  access  port  delivers  greater  throughput 
than  traditional  intelligent  access  points  that  handle  only  a 
single  BSSID. 

Engineers  also  observed  performance  advantages  for  the 
Symbol  WS  5000  during  roaming  tests.  The  TCP  throughput 
tests  for  the  roaming  scenario  yielded  30%  greater  throughput 
for  Symbol's  WS  5000  over  the  Cisco  Aironet  1220  -  6.1  Mbps 
for  the  WS  5000  versus  4.69  Mbps  for  Cisco-based  Aironet 
1220  WLAN. 

The  Symbol  gear  even  demonstrated  a  mobility  advantage 
over  the  Cisco  products  when  it  came  to  sustained  battery  life. 
A  PocketPC-based  mobile  companion  demonstrated  a  battery 
life  of  5.08  hours  with  the  WS  5000  versus  1.98  hours  with  a 
Cisco  Aironet  1220-based  setup. 
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Foundry  Serverlron  400  secures  applications  against 
Gigabit-rate  DoS  attack  while  serving  up  peak  performance 


High  performance  and  intelligent  Layer  4-7  switches  are  the  prod¬ 
ucts  of  choice  of  network  managers  tasked  with  delivering  always 
available  and  highly  secure  mission-critical  IP  and  Web  applications. 

Foundry  commissioned  The  Tolly  Group  in  September  2003  to  evalu¬ 
ate  the  security  and  Layer  4/Layer  7  switching  performance  of  its 
Serverlron  400,  a  highly  scalable  chassis-based  load-balancing  switch. 

Not  many  switching  vendors  are  brazen  enough  to  test  their 
device  performance  while  under  a  wire-speed  gigabit  rate  Denial 
of  Service  (DoS)  attack,  but  that  is  exactly  what  Foundry  did. 

Tolly  performed  tests  to  assess  the  capability  of  the  Serverlron 
400  to  sustain  legitimate  application  traffic  while  being  subject 
to  a  Gigabit-rate  DoS  attack  at  1.488  million  SYN  packets  per 
second.  Tests  show  that  the  Serverlron  400  switch  continued 
servicing  320  Mbps  of  application  traffic  through  the 
six-minute  DoS  attack. 


O  Protects  server  farms  from  wire-speed  Gigabit 
DoS  attacks  at  1.5  million  SYN/second  while 
serving  320  Mbps  application  traffic  without 
measurable  performance  degradation 

O  Achieves  a  steady-state  rate  of  108,000 
connections  per  second  with  no  transaction 
failures  using  Layer  4  switching  to  retrieve 
256-byte  through  1 ,024-byte  objects 

j  Achieves  a  steady-state  rate  of  28,000 
connections  per  second  with  no  transaction 
failures  using  Layer  7  URL  switching 


Project  Profile 


Application  availability  and  performance  critically  depend 
on  the  connection  performance  of  Layer  4-7  switches.  Tolly 
Group  engineers  tested  the  Layer  4  and  Layer  7  connection 
performance  of  the  Serverlron  400.  A  connection,  as 
defined  in  the  test,  required  successful  completion  of  three 
steps  between  the  application  client  and  servers  -  TCP 
connection  establishment,  request  and  response  of  HTTP 
objects,  and  connection  termination.  Connection  perform¬ 
ance  tests  were  executed  using  object  sizes  of  256,  512, 
1,024,  2,048,  4,096,  and  8,192  bytes  to  cover  a  range  of 
real-world  application  behavior. 

When  tested  with  Layer  4  switching,  the  Serverlron  400 
yielded  an  average  connection  rate  of  108,000  connections 
per  second  for  object  sizes  of  256,  512  and  1 ,024  bytes, 
and  sustained  high  performance  even  with  8,192-byte 
objects  delivering  63,000  connections  per  second.  Tolly 
Group  engineers  conducted  Layer  7  switching  using  URL 
matches.  The  Serverlron  400  delivered  maximum  rate  of 
28,000  connections  per  second  with  Layer  7  switching,  and 
an  average  of  23,000  connections  per  second  across  the 
various  object  sizes  tested.  Finally,  engineers  measured  the 
„  maximum  concurrent  connections  supported  by  the 
Serverlron  400  at  13,457,886. 

Layer  4-7  switches,  in  addition 
to  acting  as  a  last  line  of 
defense  for  the  application 
infrastructure,  also  enable 
highly  available  server  farms 
with  server  protection,  efficient 
load  distribution,  and  intelligent 
switching. 


Sponsor:  Foundry  Networks,  Inc. 

Products  under  test: 

•  Serverlron  400  SW  Ver.  9.000B3T22 
Product  class:  Layer  4-7  Load-Balancing  Switch 
Document  number:  203120 
Testing  window:  September  2003 
For  more  info  on  this  test,  visit: 
http://www.tolly.com/DocDetail.  aspx?DocNumber=2031 20 


Serverlron  400  Traffic  Resiliency 
During  Gigabit  Rate  DoS  Attack 
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Dell  PowerConnect  3348  earns  bevy  of 
Tolly  Verified  certifications 


Q  Achieves  wire-speed  throughput  for  all  frame  sizes  tested 

Q  Achieves  wire-speed  Layer  3  ACL  performance  for  64-byte  frames 

G  Sets  link  speed  automatically  and  duplex  mode  in  conformance  with  partner  port 

Q  Tags  and  distinguishes  traffic  appropriately;  distinguishes  and  prioritizes  traffic  correctly  based  upon  IEEE  802.1  p 
G  Provides  VoIP-capable  infrastructure  to  support  latency-sensitive  voice 
G  Reconfigures  Layer  2  Spanning  Tree  using  'Rapid  Spanning  Tree' 


Project  Profile 


Sponsor:  Dell  Inc. 

Products  under  test: 

•  Dell  PowerConnect  3348 
Version  1.0.0.52 

Product  class: 

•  Layer  2  Fast  Ethernet/Gigabit 
Ethernet  switches 

Product  under  test: 

•  Deli  PowerConnect  3348 
Version  1.0.0.52 

Document  number:  203115 

Testing  window:  July  2003 

For  more  info  on  this  test,  visit: 

http://www.tolly.com/DocDetail.aspx? 

DocNumber=203115 


Dell  Inc.  commissioned  The  Tolly 
Group  to  verify  certain  key 
attributes  of  its  PowerConnect  3348,  a 
48-port,  Layer  2  Fast  Ethernet  switch 
with  two  Gigabit  Ethernet  uplink  ports. 
The  Tolly  Group  engineers  subjected  the 
PowerConnect  3348  to  a  battery  of  tests 
designed  to  verify  the  PowerConnect 
3348's  key  features. 

Test  results  show  that  the  Dell  Power¬ 
Connect  3348  performs  at  wire-speed  at 
all  frame  sizes  tested  and  exhibits  a 
variety  of  key  features  essential  to  LAN 
switches  including  auto-negotiation,  link 
aggregation  (802. 3ad),  VLAN  support 
(802. IQ),  rapid  reconfiguration  for 
Spanning  Tree  support  (802. 1w)  and 
port  mirroring.  Furthermore,  system 
management  tests  included  dual 
firmware  and  dual  configuration  image 
tests  and  embedded  Web  management 


tests.  System  security  and  user  manage¬ 
ment  tests  included  management  access 
authentication  via  RADIUS.  In  total,  The 
Tolly  Group  verified  16  features/functions 
of  the  PowerConnect  3348. 

All  features  and  functions  validated  by 
Tolly  Group  engineers  earned  the  pres¬ 
tigious  Tolly  Verified  certification. 

On  the  performance  side,  tests  verified 
that  the  switch  backplane  is  "non- 
blocking"  and,  thus,  will  not  become  a 
bandwidth  bottleneck  in  the  network. 


nisms  can  adequately  support  latency- 
sensitive  applications  such  as  voice  in  a 
congested  environment  by  providing 
sufficiently  low  latency. 

VLAN  support  tests  demonstrate  that  the 
PowerConnect  3348  segments  traffic 
appropriately  according  to  the  IEEE 
802.1  Q  protocol.  QoS  tests  verify  that  the 
PowerConnect  3348  prioritizes  traffic 
according  to  the  802.1  p  QoS  standard 
utilizing  four  traffic  queues. 

For  a  full  understanding  of  the  tests 
verifying  the  PowerConnect  3348's 
performance  and  features,  please  refer 
to  the  Dell  Inc.  PowerConnect  3348 
under  the  Tolly  Verified  Certification 
Catalog  at  http://www.tolly.com/ 
TVDetail.aspx?ProductlD=87. 


2  Fast  Ethernet  Throughput 


Auto-negotiation  tests  verify  that  the 
PowerConnect  3348  interoperates 
with  common  10/100  networking  compo¬ 
nents  and  automatically  selects  the 
optimum  speed  and  duplex  mode  sup¬ 
ported  by  the  partner 
end  of  the  connection. 


Layer 


The  test  for  Layer  2 
wire-speed  Fast  Ether¬ 
net  with  L3  ACLs 
verified  that  the  switch 
could  forward  traffic  at 
wire-speed  while  apply¬ 
ing  L3  IPv4-based 
access  control  lists  on 
all  ports.  Devices 
earning  this  certifica¬ 
tion  have  demonstrated 
wire-speed  through-put 
with  a  total  of  1 5  ACLs 


Dell  PowerConnect  3348 
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specifically  where  the 
first  14  are  set  to 
deny  traffic  and  the 
final  ACL  to  permit. 

In  the  VoIP  Capable  Infrastructure  test  for 
Quality  of  Service,  engineers  verifies  that 
the  PowerConnect  3348's  QoS  mecha- 
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Avaya  VoIP  solution  serves  up  prime 
performance  for  TTY  (TDD)  over  IP 

j  Demonstrates  a  level  of  performance  handling  TTY  over  IP  that  is  unmatched  by  Cisco 
j  Exhibits  zero  error  rate  in  G.711  tests  even  when  packet  loss  escalates  to  10% 

j  Delivers  near  flawless  performance  even  when  handling  TTY  encoded  to  support  G.729  compressed  voice 


Recent  tests  conducted  on  voice  over  IP  gear  from 
both  Avaya  Inc.  and  Cisco  Systems  Inc.  offer 
concrete  evidence  that  the  Avaya  VoIP  solution  reliably 
transports  TTY  (TDD)  signals  in  the  presence  of 
packet  loss. 

People  who  are  deaf  or  hard-of-hearing  commonly  use 
text  terminals  -  often  referred  to  as  TTY  or  TDD 
(Telecommunication  Device  for  the  Deaf)  -  in  order  to 
communicate  via  telephone  systems.  FCC  regulations, 
as  well  as  federal  procurement  requirements  established 
under  Section  508  of  the  Rehabilitation  Act  amendments, 
require  telephony  systems  to  be  usable  with  TTYs. 

However,  such  a  requirement  has  presented  a  challenge 
for  VoIP  systems.  Voice-optimized  audio  compression 
codecs  often  used  in  VoIP  wide-area  networks  tend  to 
distort  TTY  signals.  Moreover,  packet  loss  can  result  in 
unacceptable  TTY  error  rates  because  critical  compo¬ 
nents  of  the  signal  will  be  missing  and  irrecoverable. 

Avaya  has  implemented  a  mechanism  that  provides 
reliable  transport  of  TTY  signals  on  VoIP  networks,  even 
in  the  presence  of  moderate  packet  loss  and  regardless 
of  the  audio  codec  being  employed. 

The  Tolly  Group  benchmarked  the  performance  of  the 
Avaya  S8700  Media  Server  and  G600  Media  Gateway 
against  a  solution  from  Cisco  Systems,  which  was 
deemed  to  be  representative  of  IP-PBX  architectures 
that  rely  on  the  voice  channels  to  transport  TTY  tones. 
Although  there  was  no  question  about  either  solution's 
capability  to  provide  flawless  performance  using  G.711 
audio  encoding  with  no  packet  loss,  the  key  tests 
evaluated  their  capability  to  work  reliably  under  genuine 
"real-world"  conditions. 

G.711  scenario  tests  show  that  the  Avaya  system  per¬ 
formed  flawlessly,  resulting  in  zero  errors  in  all  five 
tests  -  0%,  1%,  3%,  5%  and  10%  packet-loss  scenarios. 
By  contrast,  the  Cisco  VoIP  solution  (see  Project  Profile) 
began  to  generate  errors  with  packet  loss  as  low  as  1%. 
When  packet-loss  was  3%,  the  Cisco  solution  created  an 


Project  Profile 


Sponsor:  Avaya  Inc. 

Products  under  test: 

•  Avaya  S8700  Media  Server  with  Avaya 
Communications  Manager  2.0 

•  Avaya  G600  Media  Gateway 

•  Cisco  Systems  Call  Manager 

•  Cisco  Systems  1751-V  Multiservices  Modular 
Access  Router 

Product  class:  Section  508-compliant  VoIP  gear 

Document  number:  204102 

Testing  window:  December  2003 

For  more  info  on  this  test,  visit:  http://www.tolly.com 


18%  error  rate  -  meaning  that  almost  one  out  of  five 
characters  transmitted  experienced  problems. 

In  the  G.729  scenario,  typical  of  many  WANs,  the  Avaya 
VoIP  solution  performed  admirably  with  less  than  1% 
error  rate  at  the  extreme  case  of  10%  packet  loss.  In 
all  other  packet-loss  instances,  the  Avaya  equipment 
delivered  all  TTY  data  with  no  errors.  The  Cisco  system 
did  not  fare  as  well  in  the  G.729  tests.  Here,  even  if  a 
network  could  be  engineered  to  produce  0%  packet 
loss,  based  upon  these  tests,  the  Cisco  equipment 
would  experience  an  error  rate  of  nearly  14%.  Tests 
show  that  as  packet  loss  increases,  the  error  rate 
worsens. 

These  tests  have  enormous  implications:  First,  for 
users  who  need  TTY  data  to  be  transmitted  without 
error  so  that  messages  can  be  comprehended;  second 
for  the  network  administrator  who,  without  the  Avaya 
solution,  would  be  required  to  add  sufficient  network 
resources  and  engineering  to  provide  an  infrastructure 
for  acceptable  TTY  transmission. 


AVAyA 


2003. 


#1  in  connections/sec 
#1  with  Gigabit  DoS  attack  protection 
#1  in  powerful  content  parsin 
ana  cookie  switching 


1999-2002- 


#1  in  throughput 
#1  in  port  density 
#1  market  share  in 
Layer  4-7  ports 


1998 


#1  in  session  capacity 
#1  with  complete  Layer  2/3 
Layer  4-7  solution 
#1  in  price/performancf 
/leadership 


The  Jdurney  of  the  Leader  in  Layer  4—7  Load  Balancing  Switches 

Performance.  Intelligence.  Security.  Price. 


Servcrlron  — when  it  comes  to  Layer  -4—7  load  balancing,  there  is  no  summit! 
Just  a  continuous  journey.  I  oundry s  Server  I  run  swiu  lies  continue  to  be  the  trailbla/er 
Ini  server  scalability  with  one  accomplishment  after  another.  Servcrlron  switches  protect 
servers  against  denial  of  serve  e  attac  ks,  improve  server  scalabilitv,  and  vastly  enhance  server 
reliability.  Servcrlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve  user 
response  time  while  eliminating  application  downtime.  Its  the  industry  leader  m 
performance, intelligence,  security  and  price.  So  its  no  coincidence  that  Servcrlron  is  the 
product  of  choice  lor  the  worlds  largest  and  most  demanding  customers.  Visit  us  today  at 
www.foundrvnetworks.com/si.  ( )r  call  1 .8K8.  I  UK  IK  )l  AN  7  'Kn'U 
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■  PORTALS  ■  MESSAGING/GROUPWARE 

■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


Takes 

■  A  recent  report  by  The  Radicati 
Group  selected  five  anti-spam  ven¬ 
dors  Clearswift,  CloudMark, 
Postini,  SurfControl  and  Tumble¬ 
weed  —  as  2004's  top  suppliers  of 
products  or  services  that  detect  un¬ 
wanted  e-mail.  The  research  firm 
made  its  selections  in  part  to  help 
companies  choose  effective  products 
in  what  has  become  a  market  overrun 
with  "me  too”  offerings.  Radicati’s 
rankings  are  based  on  the  companies' 
technology,  vision,  innovation,  history 
and  financial  stability.  Tumbleweed, 
SurfControl,  CloudMark  and  Clear- 
swift  sell  anti-spam  software  that  sits 
at  the  edge  of  a  company's  network, 
and  Postini  offers  a  hosted  service 
that  filters  incoming  mail  for  unwant¬ 
ed  messages.  Radicati  recommends 
companies  pick  an  anti-spam  vendor 
that  also  offers  other  secure  e-mail 
protection,  such  as  anti-virus,  content 
filtering  and  message  encryption. 

■  Recognizing  the  importance  of 
e-mail  and  the  popularity  of  Microsoft 
Outlook,  ePeople  last  week  pulled 
the  two  together  as  part  of  a  new 
client  for  their  server-based  collabo¬ 
ration  software.  With  Version  5.1  of 
ePeople  Teamwork,  the  company  is 
adding  support  for  Outlook  as  a  client, 
letting  users  have  a  collaboration 
environment  that  will  capture  and 
integrate  e-mail-based  conversions 
from  within  the  Outlook  interface. 

The  idea  is  to  let  companies  integrate 
all  the  information  gathered  from 
applications  and  collaborative  soft¬ 
ware,  including  e-mail,  into  a  central 
location  without  having  to  train  users 
on  new  client  software.  EPeople  has 
added  a  set  of  buttons  to  the  Outlook 
interface  and  a  folder  where  a  user 
can  access  his  Teamwork  spaces  on 
the  ePeople  server,  which  integrates 
with  software  from  PeopleSoft,  SAP 
and  Siebel. 

E-mail  sent  to  workspaces  on  the 
ePeople  server  also  appears  in  users’ 
Outlook  mailboxes  with  an  indicator. 
The  server  costs  $20,000,  and  the  per¬ 
user  licensing  is  $1,200  per  year.  A 
hosted  version  is  available,  starting  at 
10  users  for  $480  each  per  year. 


Options  shrink  for  ID  mgmt. 

Market  consolidation  drives  provisioning,  access  management  integration. 


■  BY  JOHN  FONTANA 

End  users  and  vendors  are  evaluating 
their  identity  management  efforts  as  the 
long-anticipated  convergence  of  provi¬ 
sioning  and  access  management  software 
matures. 

Experts  have  said  for  years  that  the  two 
technologies  make  sense  together:  They 
provide  the  ability  to  automatically  create 
identities  using  provisioning  software  and 
then  use  those  identities  to  secure 
resources  through  access  management 
software. 


In  the  past,  many  vendors  created 
alliances  to  tie  together  their  products  on 
certain  platforms,  such  as  Windows.  Now 
there  is  a  race  among  major  vendors  and 
upstarts  to  create  suites  of  identity  man¬ 
agement  products. 

In  the  past  two  months,  Sun  bought  pro¬ 
visioning  vendor  Waveset  Technologies 
for  an  undisclosed  amount  to  round  out 
its  identity  platform,  and  Netegrity  spent 
$44  million  to  buy  provisioning  provider 
Business  Layers  to  complement  its  access 
management  software. 

The  consolidation  is  happening  under 


the  banner  of  identity  management, 
which  ties  together  authentication,  direc¬ 
tory  services,  provisioning,  and  user-  and 
access-management  technology 

Identity  management  lets  companies 
reduce  user  management  costs,  increase 
security  ensure  privacy  and  comply  with 
federal  regulations. 

While  those  concepts  are  well  under¬ 
stood,  convergence  is  forcing  corporate 
users  to  re-examine  their  software  pro¬ 
viders  and  their  strategic  plans. 

“Initially  we  weren’t  real  happy  that  Sun 
See  ID  mgmt.,  page  32 


Let's  deal 


Sun  and  Netegrity  recently  rounded  out  their  identity  management  strategies  by  acquiring  provisioning 
software.  The  moves  highlight  a  trend  among  companies  to  create  suites  of  products  to  address  identity 
management  needs. 


Vendor 

Acquired 

company 

Price 

Objective 

Next  move 

Sun 

Waveset 

Undisclosed 

Sun  says  it  has  completed  its  lineup  of  identity 
products,  which  includes  Directory  and  Identity 
Server. 

Sun  shifted  all  its  identity  products,  including 
development  and  marketing,  underthe  former 
management  team  at  Waveset. 

Netegrity 

Business 

Layers 

$44  million 

Move  up  the  food  chain  and  become  a  major 
player  by  offering  an  identity  management  suite. 

Combine  Java  products  from  both  vendors 
to  create  extranet  platform  for  identity. 

CipherTrust  adds  spam  filter  to  gateway 


■  BY  CARA  GARRETSON 

E-mail  security  company  CipherTrust  is 
boosting  the  anti-spam  features  of  its  gate¬ 
way  appliance  with  a  software  upgrade 
that  includes  four  additional  methods  for 
users  to  detect  unwanted  messages. 

Version  4.0  of  Enterprise  Spam  Profiler 
(ESP),  part  of  the  company’s  IronMail 
appliance  software,  adds  Bayesian  filter¬ 
ing,  URL  filtering,  content  filtering  and 
domain  blacklisting  to  the  product’s  arse¬ 
nal  of  anti-spam  techniques,  says  Paul 
Judge,  CipherTrust’s  CTO.  IronMail  also 
offers  companies  virus  protection,  policy 
enforcement,  message  encryption  and 
intrusion  prevention. 

ESP’s  Bayesian  filter  “learns”  what  a  spe¬ 
cific  company  defines  as  spam  vs.  legiti¬ 
mate  e-mail  by  incorporating  information 
from  end-user  quarantined  mail,  spam 
reports  and  spam  traps,  Judge  says.  URL  fil¬ 
tering  checks  the  URLs  in  an  incoming 


e-mail  against  a  blacklist  of  Web  sites 
deemed  invalid  and  flags  messages 
accordingly.  Automatic  software  down¬ 
loads  to  customer  sites  update  the  URL 
blacklist  in  real  time,  Judge  says. The  new 
version  also  blacklists  known  spammers’ 
domains  and  filters  a  message’s  content 
for  clues  of  spam. 

With  the  new  anti-spam  filters,  ESP 
examines  about  900  characteristics  of 
each  incoming  email  to  determine  if  the 
message  is  legitimate  or  spam,  Judge  says. 
Other  ESP  spam-fighting  techniques 
include  sender  blacklists,  reverse  DNS 
lookup  to  verify  that  host’s  name  matches 
its  IP  address,  and  heuristics  that  identify 
spam  by  looking  for  message  characteris¬ 
tics  such  as  excessive  use  of  capital  letters 
or  multiple  colors. 

In  addition  to  the  new  spam  filters  in 
ESPCipherTrust  has  worked  on  perfecting 
the  techniques  its  software  uses  so  it  can 
more  effectively  analyze  whether  a  mes¬ 


sage  is  spam  or  not.  “We’re  starting  to 
reach  the  boundaries  of  possible  detec¬ 
tion  techniques,”  Judge  says.  “Now  the 
emphasis  is  switching  from  spam  detec¬ 
tion  to  the  [quality]  of  information 
gleaned  and  training  detection  tech¬ 
niques.”  Version  4.0  is  98%  effective  in 
blocking  spam,  he  adds,  and  the  product’s 
false-positive  rate  is  less  than  1%. 

CipherTrust  says  that  while  spam  block¬ 
ing  is  a  key  feature  of  IronMail,  the  prod¬ 
uct’s  other  features  provides  overall  e-mail 
security  for  large  corporations.  The  com¬ 
pany,  which  competes  with  other  e-mail 
security  appliance  makers  including 
BorderWare  and  IronPort,  launched  five 
years  ago  with  an  e-mail  message  encryp¬ 
tion  and  intrusion-detection  product  and 
expanded  into  virus  and  spam  protection 
and  content  filtering  two  years  ago. 

“A  year  ago  we  saw  everyone  with  a 
content-filtering  product  adding  the 

See  Spam,  page  32 
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DOES  LINUX  ADD  UP  TO  LOWER  TCO? 
ASK  THE  EXPERTS. 


Microsoft 


"Although  the  Linux  05  itself  is  nominally  free, 

Linux  is  only  one  component  of  an  increasingly 
complex  application  infrastructure  stack.... 

From  a  total -cost- of- ownership  perspective, 
we  believe  the  overall  application  costs  of 
integration  and  ongoing  infrastructure 
management  and  support  far  outweigh  one-time, 
upfront  hardware  and  OS  software  costs." 

— META  Group,  November  2002 
Linux  Servers:  No  ", Silver  Bullet"  for  Total  Cost  of  Ownership 


Leading  independent  research  analyst  META  Group  found  in  a  recent  study  that  Linux 
on  Intel  infrastructure  costs  are  not  lower  than  Windows®  on  Intel.  To  get  the  full  study 
and  other  third-party  findings,  visit  microsoft.com/getthefacts 


Windows 


C  2004  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of  Microsoft 
Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners 
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Bradner 


One  of  the  top  stories  on  CNET  for 
Jan.  18,  “Seeds  of  destruction,”  fo¬ 
cused  on  a  report  that  said  some 
computer  security  experts  see  a  parallel 
between  the  spread  of  agricultural  blights 
and  computer  viruses.  These  experts 
think  today’s  technology  monocultures, 
such  as  Microsoft  desktops,  might  react 
like  the  agricultural  monocultures  of  the 
past  when  confronted  by  a  new  virus  — 
mainly,  that  they  will  mostly  die. 

What  I  don’t  understand  is  why  CNET 
thought  this  was  news  in  January  2004; 
this  has  been  the  long-held  view  of  com¬ 
puter  security  experts  and  amateurs  for 
many  years.  CNET  itself  had  multiple  sto- 


Just  how  is  this 

ries  on  the  topic  in  2003,  including  one 
about  the  National  Science  Foundation 
(NSF)  funding  university  researchers  to 
look  at  the  issue. 

This  conclusion  is  also  obvious:  If  more 
than  90%  of  the  computers  in  an  organi¬ 
zation  run  the  same  operating  system, 
more  than  90%  of  the  machines  in  that 
organization  are  vulnerable  if  a  new  virus 
shows  up  to  exploit  a  previously  unknown 
bug  in  the  operating  system. 

In  case  you  have  been  living  in  a  cave, 
exploits  of  new  bugs  in  the  dominant 
operating  system  are  not  uncommon, 
even  if  they  tend  to  exploit  known  bugs.  If 
the  same  organization  had  machines  run¬ 
ning  operating  systems  from  10  different 
vendors  that  did  not  share  their  code,  only 
about  10%  of  the  organization  would  be  at 
risk.  It  might  be  an  important  10%  but  still 
the  effect  on  the  organization  likely  would 
be  a  lot  less  than  in  the  monoculture  (and 
currently  common)  case. 


news? 

But  so  what?  There  are  not  enough  ven¬ 
dors  of  PC  operating  systems  to  make  any 
significant  difference  to  this  threat.  Even  if 
one  did  not  take  into  account  the  advan¬ 
tages  of  managing  a  uniform  environment 
and  the  need  to  have  good  application- 
level  interoperability,  it  would  be  next  to 
impossible  to  come  up  with  more  than 
three  possibilities. 

All  this  talk  of  the  dangers  of  software 
monocultures,  which  I’ve  done  some  of 
myself,  is  accurate  but  irrelevant.  As  his¬ 
tory  has  made  very  clear,  no  matter  how 
often  security  holes  are  found  companies 
are  not  going  to  swap  their  Microsoft  sys¬ 
tems  for  alternative  solutions  in  enough 
quantity  to  make  any  significant  differ¬ 
ence.  Even  if  they  did,  it  would  just  make 
the  alternative  a  more  attractive  target. 

Macs  —  at  least  the  latest  versions  —  do 
have  quite  good  interoperability  with 
Windows  environments,  but  they  seem  to 
scare  the  support  people. 


www.nwfusion.com 


When  I’m  feeling  selfish  I’d  like  to  see 
Macs  stabilize  at  15%  to  20%  of  the  mar¬ 
ket.  That  would  be  a  big  enough  market 
to  keep  Apple  creating  these  fantastic 
products  but  not  so  big  as  to  become 
too  much  of  a  target  for  the  wackos. 
When  I’m  not  feeling  quite  so  selfish  I 
think  the  better-for-Apple  level  would  be 
about  25%. 

I’m  all  for  NSF  funding  good  research 
and  hope  the  project  focus  is  more  on 
ways  to  deal  with  the  effects  of  the 
monoculture  rather  than  lamenting  its 
existence. 

Disclaimer:  Many  things  can  be  accu¬ 
rately  said  about  Harvard,  but  “monocul¬ 
ture”  is  not  one  of  them.The  above  lament 
on  lamenting  is  my  own. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@ 
sob.com. 
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bought  Waveset,”  says  Larry 
Burtt,  desktop  services  group 
leader  for  Guidant,  which  de¬ 
signs  and  develops  cardiovascu¬ 
lar  medical  devices  and  is 
based  in  Indianapolis. “But  after 
conversations  with  Waveset,  we 
are  more  comfortable.  We’ll  stay 
with  the  Waveset  tools  provided 
they  still  have  a  focus  on  Active 
Directory’ 

That  is  because  Guidant  is 
committed  to  Microsoft’s  Active 
Directory,  which  is  one  user 
repository  that  Waveset’s  Light¬ 
house  can  use. 

“We  are  an  Active  Directory 
shop,  and  if  [buying  Waveset]  is  a 
move  by  Sun  to  counter  Micro¬ 
soft  we  would  be  disappointed,” 
Burtt  says.  Sun  has  its  own  direc¬ 


tory  service  that  is  part  of  its 
identity  software  suite,  but  Guid¬ 
ant  has  no  plans  to  replace 
Active  Directory. 

Burtt  says  he  thinks  emerging 
identity  standards,  such  as  the 
Security  Assertion  Markup  Lang¬ 
uage  and  the  Service  Provision¬ 
ing  Markup  Language  eventually 
will  provide  flexibility  for  his 
decision-making. 

He  says  consolidation  will  do 
some  good  overall  by  driving  the 
technology  forward  faster  than 
independent  vendors  can  do  it. 
But  there  are  fewer  and  fewer  of 
those  independents. 

Last  year,  HP  bought  access 
management  software  from 
Baltimore  Technologies,  IBM 
began  tightly  integrating  iden¬ 
tity  products  from  companies  it 
acquired  two  years  ago,  and 
Oracle  introduced  its  Identity 


Management  platform  includ¬ 
ing  a  directory  and  services  for 
provisioning,  authentication 
and  authorization. 

Microsoft  and  Novell  have 
renamed  and  tweaked  their 
metadirectory  technology  to 
focus  more  on  provisioning  as 
part  of  their  bids  to  offer  identity 
management  suites. 

“We’re  starting  to  get  the  pic¬ 
ture  that  these  big  vendors  will 
provide  a  full  set  of  tools,”  says 
Mike  Neuenschwander,  an  ana¬ 
lyst  with  Burton  Group.  He  says 
consolidation  is  happening  for 
two  reasons.  “When  a  vendor 
goes  in  to  sell  a  project  they 
can  reduce  the  number  of  sales 
folks.They  don’t  need  someone 
for  the  provisioning,  someone 
for  access  management,  some¬ 
one  for  password  management. 
On  the  IT  side,  there  is  no  need 


IINow  the  emphasis  is  switching 
.  from  spam  detection  to  the  [quality] 
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Paul  Judge 

CTO,  CipherTrust 
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anti-spam  label  to  their  box.  Now 
you  see  everyone  with  an  anti¬ 
spam  product  trying  to  scratch 
that  word  off  and  call  [their  prod¬ 
uct]  email  security’ Judge  says. 

Supplying  more  than  just  anti¬ 
spam  services  to  corporations 
should  help  vendors  distinguish 
their  products  from  the  flood  of 
offerings  now  available  to  fight 
unwanted  email,  according  to  a 
January  report  from  The  Radicati 
Croup.  “Even  though  the  market 
today  is  shared  by  hundreds  of 
companies,  we  believe  that  over 
the  next  four  years  the  vast 
majority  of  these  will  disappear? 
principal  analyst  Sara  Radicati 


and  senior  analyst  Masha 
Khmartseva  say  in  the  report. 
“The  ones  that  will  survive  are 
expected  to  transition  from  sin¬ 
gle-point  solution  providers  to 
broader  secure  messaging  solu¬ 
tions,  with  spam  being  a  part  of  a 
complete  secure  messaging 


suite.”  CipherTrust’s  Judge  says 
IronMail  already  focuses  on 
complete  e-mail  security. 

IronMail’s  Version  4.0  is  avail¬ 
able  for  free  to  customers  under 
a  maintenance  agreement  with 
the  company  The  gateway  appli¬ 
ance  starts  at  about  $25,000.  ■ 


II  Big  companies  stopped  being  innovators 
because  they  can’t  move  fast  enough.19 

Ira  Horowitz 

Director  of  worldwide  marketing,  MaxWare 


to  duplicate  technology  and 
have  a  separate  infrastructure 
for  provisioning,  for  access 
management  or  password  syn¬ 
chronization.  You  need  a  gen¬ 
eral-purpose  infrastructure,” 
he  says. 

But  Netegrity  says  the  big  guys 
are  too  single-minded. 

“Sun,  IBM,  Microsoft.  They  are 
trying  to  make  a  broader  play,  but 
they  focus  on  their  own  prod¬ 
ucts,”  says  Amit  Jasuja,  vice  presi¬ 
dent  of  product  management  for 
Netegrity  He  says  that  focus  is  too 
narrow,  and  his  company’s  com¬ 
mitment  to  technologies  such  as 
Java  will  make  it  a  major  identity 
management  player. 

Independent  vendors,  such  as 
Courion,  MaxWare,  M-Tech,  Thor 
Technologies  and  TruLogica,also 
say  identity  infrastructure  re¬ 
quires  best-of-breed  tools  that 
will  ensure  corporations  aren’t 
trapped  by  one  vendor. 

“In  the  platform  space  every¬ 
one  is  trying  to  lock  customers 
to  their  platforms,”  says  Alberto 
Yepez,CEO  of  Thor,  which  devel¬ 
ops  provisioning  software.Yepez 
says  he  believes  in  the  suite 
model,  but  says  suites  have  to 
be  built  using  a  product  array 
that  can  work  on  multiple 
platforms. 

Thor,  along  with  consulting  firm 
Accenture  and  security  vendor 


RSA  Security,  introduced  its 
Identity  and  Access  Manage¬ 
ment  suite  late  last  year,  which 
includes  products  from  both 
Thor  and  RSA. 

“What’s  happening  [with  con¬ 
solidation]  is  the  big-company 
model,”  says  Ira  Horowitz,  director 
of  worldwide  marketing  for  Max- 
Ware.  “Big  companies  stopped 
being  innovators  because  they 
can’t  move  fast  enough.”  He  says 
consolidation  will  slow  the 
progress  of  identity  technology 

But  those  who  have  seen  the 
opportunities  as  an  independent 
vendor  say  the  game  has 
changed. 

“When  the  market  explodes 
like  this,  it’s  a  lot  of  hubris  for  a 
small  company  to  say,  ‘We  are 
going  to  dominate  this  market,’” 
says  Mark  McClain,  co-founder 
of  Waveset  and  now  the  vice 
president  of  identity  manage¬ 
ment  marketing  for  Sun.“What  it 
becomes  is  a  channel-coverage 
game.”  And  he  says  the  smaller 
companies  just  can’t  cover  as 
many  bases  as  the  big  players.  ■ 


Subscribe  to  our  free  newsletter. 
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But  change  is  coming  for  the  medium  enterprise 

On  February  2nd,  the  incredible  network  security  protecting  many  large 
enterprises  will  be  available  to  medium  enterprises  as  well.  To  learn 
more  call  800.638.8296  or  visit  www.netscreen.com/company/ad/feb2 
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RETAIL  SYSTEMS:  Gash  registers  take  on  inventory  manag 


inventory  management,  customer  service  roles. 


int-of-sale  systems  gain  smarts 


B  BY  ANN  BEDNARZ 

Aged  point-of-sale  systems  are  limiting  retailers’  ability 
to  offer  new  features  such  as  product  lookups  and 
personalized  promotions  —  and  they  are  hurting 
retailers’  ability  to  improve  customer  service  and  reten¬ 
tion  levels,  analysts  say 

“Retailers  with  hardware  that  is  7  or  more  years  old 
have  pretty  much  expanded  that  hardware  to  as  much 
capacity  as  possible,” says  Sunita  Gupta,  a  vice  president 
at  retail  management  firm  LakeWest  Group. “Adding  any 
little  thing  requires  taking  something  off  the  machine.” 

That  was  the  case  with  retailer  Burlington  Coat  Factory 
which  had  to  get  rid  of  certain  functions  —  reducing  the 
total  number  of  items  allowed  per  sale  from  100  to  50,  for 
example  —  to  make  room  on  its  POS  gear  for  new  soft¬ 
ware.  Memory  was  so  tight  on  its  legacy  POS  hardware, 
which  was  running  DOS,  that  the  Burlington,  N.J.,  retailer 
had  to  choose  between  accommodating  some  rarely 
used  older  functions  or  its  newly  developed  software 
upgrades,  says  Brad  Friedman,  vice  president  of  informa¬ 
tion  services  at  Burlington  Coat. 

“Some  of  our  registers  were  12  or  15  years  old,”  Fried¬ 
man  says.“Our  POS  software  was  just  becoming  too  big  to 
be  able  to  run  on  such  an  old  operating  system."  Last 
summer,  Burlington  Coat  completed  a  rollout  of  new  POS 
hardware  from  Wincor  Nixdorf  to  all  of  its  350  stores. 

Reaching  that  critical  mass  is  one  factor  driving  retailers 
to  invest  in  new  POS  software  and  hardware.  Lake  West’s 
annual  survey  of  the  top  100  U.S.  specialty  retailers, 
released  this  month,  found  the  average  age  of  respon¬ 
dents’  POS  systems  is  about  4.5  years  for  hardware  and 
almost  6  years  for  software.  Among  respondents,  37%  said 
they  plan  to  replace  their  POS  hardware,  and  38%  plan  to 
replace  their  POS  software,  within  the  next  two  years. 

Connectivity  critical 

POS  systems  consist  of  core  cash  registers  and  periph¬ 
erals  such  as  printers,  scanners,  touch  screens,  kiosks 
and  handheld  checkout  devices.  Increasingly,  retailers 
are  using  the  POS  as  an  opportunity  to  do  more  —  cap¬ 
ture  customer  information,  view  customers’ sales  histo¬ 
ries,  deliver  customized  promotions,  check  product 
availability  and  track  employee  schedules,  for  example. 

Shopping  for  POS  hardware  and  software  today  is  a  lot 
different  than  it  was  a  decade  ago  when  POS  was  about 
straightforward  transaction  processing.  Newer  POS  fea¬ 
tures  include  special  order  capabilities,  inventory  lookups 
and  personalized  offerings  based  on  customer  purchas¬ 
ing  history  —  features  that  typically  require  access  to  cor¬ 
porate  data  sources. 

Necessarily,  the  newer  generation  of  POS  requires  more 
persistent  Internet  connectivity  A  dial-up  connection  is 
sufficient  for  a  store  to  swap  batched  information  with 
the  corporate  office  and  run  credit-card  authorizations, 
but  more  persistent  connectivity  will  enable  functions 
such  as  inventory  checks  and  real-time  price  updates. 

“1:  you’re  going  to  treat  your  stores  as  an  island, you  can 
have  low-bandwidth  connectivity  But  if  you’re  trying  to 
bring  the  entire  enterprise  together  into  a  seamless, man¬ 
s',  Pie  entity,  then  you  need  more  bandwidth,” says  Doug 
!w  a; is,  director  of  retail  solutions  at  Wincor  Nixdorf. 


In  LakeWest’s  survey,  60%  of  respondents  said  they 
have  Web-enabled  stores,  compared  with  56%  last  year 
and  only  27%  two  years  ago.  Of  those  retailers  that  are 
currently  not  Web-enabled,  69%  plan  to  be  within  the 
next  two  years,  up  from  56%  last  year,  LakeWest  says. 

“A  couple  years  ago,  retailers  only  wanted  to  talk  to  the 
home  office.This  year,  more  than  60%  of  retailers  are 
doing  inventory  lookup,”  Gupta  says.They  have  to  —  not 
only  because  accurate  inventory  management  is  key  to 
maintaining  operating  margins,  but  also  because  cus- 

Connectivity  gains 


between  stores  and 
the  corporate  office 

Multiple  responses  allowed 

tomers  expect  retailers  to  be  able  to  perform  accurate 
cross-store  inventory  checks,  she  says. 

Scott  Langdoc,  a  vice  president  at  AMR  Research,  agrees 
the  evolution  to  more-interactive  point-of-sale  transac¬ 
tions  is  driving  the  need  for  persistent  connectivity 
However,  the  ongoing  high  cost  of  per-store  connectivity 
is  a  big  issue,  particularly  for  smaller  retail  companies. 

“For  a  retailer  with  50,000-square-foot  stores,  persistent 
connectivity  is  a  guarantee,”  Langdoc  says.“But  for  an 
8,000-square-foot  retailer  in  a  mall,  persistent  connectivity 
is  difficult.” 

For  retailers  that  can  afford  it,  frame  relay  is  the  WAN 
architecture  of  choice,  Langdoc  says.  Satellite  is  too 
expensive  for  all  but  the  largest  retailers.  As  DSL  and 
cable  services  become  readily  available,  retailers’  options 
will  expand. 

Burlington  Coat  has  a  frame  relay  network  linking  its 
stores  —  and  is  in  the  process  of  upping  its  connections 
from  56K  to  256K  bit/sec,  Friedman  says.  Burlington  Coat 
relies  on  its  network  for  online  credit-card  authorizations, 
managing  gift  cards  and,  most  recently,  online  check  veri¬ 
fication,  he  says. 

Shopping  for  POS 

Five  years  ago  most  retailers  purchased  both  hardware 
and  software  from  one  of  a  few  dominant  vendors  — 

IBM  or  NCR,  primarily  These  days  the  trend  is  toward 
making  independent  hardware  and  software  purchases, 
analysts  say. 

“Retailers  typically  make  a  strategic  decision  to  buy 
point-of-sale  software  and  hardware  together”  Langdoc 


says.“However,  there’s  a  growing  trend  to  separate  the  ven¬ 
dors  that  provide  each  of  those  pieces.” 

Phased  capital  expenditures  are  also  a  driver.“In  an 
ideal  world,  retailers  would  like  to  roll  out  pieces  and 
parts  of  the  hardware,  and  pieces  and  parts  of  the  soft¬ 
ware  functionality  separate^’ Gupta  says. 

In  response,  hardware  vendors  are  working  to  make 
sure  their  gear  is  modular  and  that  any  operating  system 
can  run  on  them, so  customers  can  buy  peripherals, such 
as  scanners  or  scales,  only  as  needed.“All  of  the  point-of- 


sale  vendors  have  opened  their  hardware  to  be  able  to 
run  operating  systems  of  choice,”  Langdoc  says. 

For  example,  Wincor  Nixdorf  has  software  that  lets  it  run 
applications  based  on  IBM’s  legacy  4690  operating  system 
on  its  POS  hardware.“We’ve  been  catering  to  this  whole 
issue  by  developing  products  that  allow  retailers  to  de¬ 
couple  their  existing  legacy  implementations  and  up¬ 
grade  one  piece  at  a  time,”  Evans  says.  . 

Most  recently  IBM  announced  plans  to  introduce  a  new 
POS  platform  built  on  SuSe  Linux’s  Enterprise  Server  soft¬ 
ware.  In  the  past,  IBM  offered  an  open  platform  on  which 
any  operating  system  or  POS  application  could  run  — 
however  IBM  primarily  supported  its  own  4690  applica¬ 
tion,  Langdoc  says.The  SuSe  deal  signals  that  Linux  will 
be  IBM’s  platform  of  choice  going  forward.“All  of  a  sud¬ 
den,  this  enables  a  new  set  of  [Java  2  Platform  Enterprise 
Editionj-based  point-of-sale  applications  to  ride  on  IBM’s 
platform,”  he  says. 

Langdoc  doesn’t  expect  Linux  to  overtake  the  predomi¬ 
nant  Windows  in  new  POS  initiatives,  but  more  retailers 
are  opting  for  the  open  source  alternative,  he  says. 

Burlington  Coat  chose  Wincor  Nixdorf  systems  run¬ 
ning  Linux  for  two  reasons.“First,we  didn’t  want  to  be 
beholden  to  Microsoft.  Second,  the  overhead  and 
administrative  needs  related  to  Microsoft  are  consider¬ 
ably  higher  than  they  are  related  to  Linux,”  he  says. 

With  minimal  modifications,  Burlington  Coat  was  able 
to  run  its  existing  homegrown  POS  software  on  its  new 
hardware,  Friedman  says.The  retailer  is  in  the  process  of 
updating  its  homegrown  software  to  include  layaway 
and  special  order  capabilities,  Friedman  says.B 


Retailers  are  looking  to  improve  communications  with  corporate  offices  and  offer  more  in-store 
shopping  options  by  Web-enabling  their  store  systems,  according  to  LakeWest  Group’s  survey  of 
the  100  largest  U.S.  specialty  retailers. 

Primary  reasons  for  Web-enabling  retail  store  systems: 


Improve 

communication 


Offer  centralized 
lookups 


Enable  access  to  the 
company  Web  site 


Place  customer  orders 
online  in  the  store 


Enter  merchandise 
transfers 
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HIGH-DENSITY,  SCALABLE,  AND  RELIABLE 

-  24-PORT,  48-PDRT,  AND  96-PORT  10/100 

SWITCH,  WITH  GIGABIT  UPLINKS 
-12-PORT  COMBO  GIGABIT  SWITCH 

-  FIBER  AND  COPPER  MEDIA  FLEXIBILITY 

-  REDUNDANT  AND  HOT-SWAPPABLE  AC 

AND  DC  POWER 

-  SOFTWARE  AND  HARDWARE  RESILIENCE 


POWER  OVER  ETHERNET 

-IEEE  B02.3AF  COMPLIANT 
-  1  5  WATTS  OF  POWER  STANDARD  ON. 

EVERY  PORT  FOR  POE  SCALABILITY 
-CONNECTIVITY  FOR  B02.ll  ACCESS  POINTS 
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FastIron  Edge1'  Switches  let  you  do  more  with  less.  This  series  of  high-density  Layer 
2/3  switches,  including  the  world’s  first  96rport  10/100  plus  4  Gigabit  uplink  switch,  delivers 
the  features  of  a  chassis-based  switch  in  a  form  factor  designed  tor  environments  where  space 
is  limited  and  reliability  is  key.  Featuring  hot-swappable,  redundant  power  supplies,  standards- 
based  network  management,  a  common  user  interface,  and  the  time-proven  IrOnWare"'  soft¬ 
ware  suite,  these  switches  provide  a  powerful,  easy-to-use,  and  reliable  edge  solution.  Power  over 
Ethernet  and  flexible  access  control  features  make  these  switches  the  ideal  solution  for  network 
convergence.  Give  your  network  a  competitive  edge — get  a  FastIron  Edge  Switch..  Call 
I  SSS.  I  URBOLAN  (I  .888.887.2652)  or  visit  www.tbundrynetworks.coin/fes. 
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A  Triple  Play  of  Bandwidth  Savings ,  Increased  Server  Capacity  and  Extended  Life  Cycle 


THE  IDEA 


was  to  provide  more  widespread  access  to  business-critical 
enterprise  applications  without  increasing  the  administrative 
burden  on  the  IT  department.  Before  that  goal  would  be  realized,  however, 
Santa  Clara  University  (SCU)  got  a  lesson  in  what  ca  n  go  wrong  with 
Web-based  applications  and,  more  importantly,  how  to  remedy  the  problems. 


In  July  of  2002,  SCU  made  the  move  to 
PeopleSoft  8,  the  Web-enabled  version  of  the 
popular  application  suite.  The  school  uses 
PeopleSoft  to  support  human  resources,  financial 
and  student  administration  applications,  including 
admissions,  financial  aid  and  course  registration 
programs,  says  Ron  Danielson,  chief  information 
officer  for  SCU,  an  8,000-student  university  in 
Santa  Clara,  Calif. 

“As  much  as  we  possibly  can,  it’s  our  intention 
to  push  access  to  administrative  information  out 
to  students,  faculty  and  staff,”  Danielson  says.  With 
the  previous  version  of  PeopleSoft,  that  was  a  chal¬ 
lenge  because  it  required  client  software  on  each 
user’s  desktop.  “With  the  Web  front  end,  anybody 
with  a  browser  can  come  in  and  get  access.” 

Access  they  did,  so  much  so  that  the  university’s 
application  servers  were  overloaded  and  perform- 
ante  was  much  slower  than  with  the  previous 
version.  “We  were  one  of  the  first  half-dozen 


universities  in  the  country  to  upgrade  to 
PeopleSoft’s  new  Web-based  product,  and  we 
thought  we’d  spec’d  out  our  network  and  equip¬ 
ment  adequately  to  meet  our  performance 
needs,”  he  says.  “But  we  weren’t  even  close.” 


SCU’S  REDLINE  BENEFITS 
AT  A  GLANCE: 


■  Bandwidth  reduction:  E|X  3250  reduces 
bandwidth  requirements  by  up  to  10M  bit/sec, 
saving  SCU  at  least  $48,000  per  year. 

■  Increases  server  capacity:  Offloads  connection 
management,  1/0  and  SSL  processing, 
essentially  cutting  server  loads  in  half. 

■  Reduces  number  of  network  components: 
Reduces  the  amount  of  data  traffic,  enabling 
network  components  such  as  firewalls  to 
handle  more  load. 


IN  SEARCH  OF  A  FIX 

Initially,  Danielson  and  his  staff  tried  throwing 
more  hardware  and  software  at  the  problem.  To  an 
initial  configuration  of  one  Web  server  and  one 
application  server,  they  added  three  more  Web 
servers  and  one  new  application  server.  They  also 
brought  in  performance  management  and  soft¬ 
ware  tuning  tools,  and  changed  some  PeopleSoft 
parameters  related  to  processing  input  from  users. 

“This  brought  performance  to  tin  ‘acceptable’ 
level,”  Danielson  says.  “But  now  we  had  six  servers 
instead  of  two,  and  we  were  still  spending  a  lot 
more  time  on  the  problem  than  we  would  have 
liked.” 

In  the  fall  of  2002,  the  university  learned  about 
Redline  Networks  of  Campbell,  Calif.  Redline 
makes  a  family  of  appliances  designed  to  improve 
Web-based  application  performance  by  offloading 
from  the  server  I/O  processing  and  connection 
management  chores,  while  compressing  content 
to  conserve  bandwidth. The  appliances  also  handle 
Secure  Sockets  Layer  (SSL)  processing,  thus 
serving  to  improve  security. 

LESS  BANDWIDTH, 

MORE  PERFORMANCE 

In  November,  SCU  installed  one  of  Redline’s 
E  |  X  3250  appliances  and  saw  an  immediate, 
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dramatic  improvement.  Bandwidth  usage  associated 
with  the  PeopleSoft  applications  plummeted  by 
70%,  thanks  to  the  compression  features  inherent  in 
the  E  |  X  3250.  At  the  same  time,  because 
the  E  |  X  3250  handled  connection  management 
chores  and  I/O  processing,  server  capacity 
effectively  doubled. 

The  magnitude  of  server  capacity  and  per¬ 
formance  improvements  hit  home  when  one  of 
the  university’s  servers  went  down  for  more  than 
a  week.  “We  didn’t  even  notice  a  change  in  per¬ 
formance,”  Danielson  says.  “That  tells  us  how 
much  headroom  the  Redline  box  has  given  us 
with  our  PeopleSoft  applications.” 

Like  the  rest  of  Redline’s  enterprise  applica¬ 


tion  processors,  the  E  |  X  3250  sits  in  front  of 
servers  and  receives  requests  from  hundreds  or 
thousands  of  client  browsers.  It  processes  the 
thousands  of  relatively  slow  requests  as  they 
come  in  from  users  and  shuttles  them  to  the 
appropriate  servers  at  high  speed  over  just  a  few 
dozen  persistent  TCP  connections. 

“As  far  as  the  Web  servers  are  concerned, 
they  have  a  single  connection,  which  is  to  the 
Redline  box,”  Danielson  says.  The  servers  no 
longer  have  to  perform  complex  scheduling  of 
requests  arriving  randomly  over  a  large  num¬ 
ber  of  connections.  Instead,  they  service  each 
response  as  it  arrives  and  send  information 
back  to  the  enterprise  application  processor, 
which  delivers  pages  to  the  client  browser  at 
whatever  speed  the  browser  can  efficiently 
handle. 

The  E  |  X  3250  worked  so  well  for  SCU’s 
PeopleSoft  implementation  that  the  university 
soon  installed  an  additional  unit  to  improve  the 
performance  of  Novell  GroupWise  servers  that 
provide  Web-based  e-mail  access.  Here  the  E  |  X 
3250  sits  in  front  of  four  servers,  performing 
load  balancing,  connection  management  and 
compression.  For  its  GroupWise  application,  the 
university  also  takes  advantage  of  the  E  |  X  3250’s 
SSL  offload  capability,  which  obviates  the  need 
for  the  servers  to  maintain  large  amounts  of  user 


data,  including  client  certificate  infor¬ 
mation.  It  also  ensures  that  end  users 
have  no  direct  access  to  the  application 
servers  and  the  often-sensitive  infor¬ 
mation  they  contain. 

Results  from  the  GroupWise  imple¬ 
mentation  have  been  similar  to  those 
for  PeopleSoft:  bandwidth  consump¬ 
tion  on  the  university’s  WAN  links  has 
been  cut  in  half  and  response  time  has 
improved. 

SAVINGS,  SAVINGS, 
SAVINGS 

The  bottom  line,  Danielson  says,  is 
that  the  Redline  appliances  enable 
SCU  to  realize  savings  in  three  areas: 
bandwidth  reduction,  increased  server 
capacity  and  extended  life  cycle  of 
other  network  components. 
Bandwidth  savings  come  from  the 
compression  features  of  the  appliance,  which  are 
browser-aware  to  adaptively  compress  content 
for  each  requesting  user  and  never  require  spe¬ 
cialized  client  software.  The  features  save  6M  to 
10M  bit/sec  of  bandwidth,  which  Danielson  says 
would  cost  the  university  an  additional  $4,000 
to  $5,000  per  month. 

In  terms  of  server  capacity,  Danielson  figures 
he  could  remove  two  of  the  four  servers  sup¬ 
porting  his  PeopleSoft  implementation  without 
suffering  a  performance  hit,  although  he  has 
opted  to  leave  the  installation  as-is  to  allow  for 
anticipated  growth  in  the  number  of  applica¬ 
tions  and  users.  Similarly,  on  the  e-mail  side, 
“We  probably  won’t  have  to  grow  that  server 
farm  dramatically  to  handle  additional  load,”  he 
says. 

Just  as  the  Redline  appliances  enable  him  to 
get  more  life  out  of  his  servers,  they  do  the  same 
for  network  components  such  as  firewalls. 
“With  the  Redline  box  reducing  bandwidth 
usage,  there’s  less  for  the  firewalls  to  examine,”  so 
a  single  firewall  can  effectively  handle  more 
load. 

In  coming  months,  SGU  will  be  adding  to  its 
Redline  implementation  another  server  group 
that  supports  university  financial  applications. 

To  sum  up,  Danielson  says,  “This  box  delivers 
on  all  its  claims.” 


LEARN  MORE  ABOUT  REDLINE  NETWORKS  ONLINE 
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Find  Out  How  Santa  Clara  University  Webijied  Peoplesoft  and  Won. 
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Together,  Lucent  Worldwide  Services  and  Bell  Labs  bring  you  unrivaled  networking  expertise  and  intelligent 
tools  to  help  make  your  network  more  secure.  With  our  Network  Survivability  Assessment  Service,  we  analyzed 
a  global  service  provider's  network  and  quickly  developed  a  security  scorecard  recommending  critical  network 
enhancements  across  eight  security  dimensions.  Then  we  showed  them  how  to  make  the  upgrades  without 
service  disruption.  See  how  we  can  make  your  network  more  productive,  more  reliable,  and  more  secure  than 
it  is  today  at  www.lucent.com/lws. 
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■  EXTRANETS  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS 
■  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


Softswitch  market  gaining  momentum 

RBOCs  start  to  unveil  their  plans,  signaling  the  technology  isn’t  just  for  smaller  carriers. 


r 

RBOCs  and  softswitches 

- ^ 

The  regional  Bell  operating  companies  have  all  started  to  use 
softswitches  to  deliver  services  or  at  least  announced  plans. 
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■  BY  TIM  GREENE 

As  major  carriers  adopt  softswitches,  the 
big  beneficiaries  will  be  businesses  —  at 
least  in  the  short  term. 

Cable  TV  providers  such  as  Cablevision 
and  new  carriers  such  as  Vonage  sell  most¬ 
ly  residential  IP  voice  services  based  on 
this  technology  but  larger  providers  such 
as  the  RBOCs,  Sprint  and  AT&T  are  aiming 
initially  at  corporate  customers. 

The  most  likely  voice  service  to  pop  up 
first  will  be  IP  Centrex,  with  all  the  features 
of  traditional  Centrex,  plus  Web  interfaces 
to  add  and  delete  services,  click-to-cali, 
configure  phones,  see  a  list  of  who  called, 
access  calendaring  and  set  the  service  to 
find  users  at  different  numbers. 

“These  are  services  impossible  to  deliver 
with  traditional  circuit-switched  networks,” 
says  Kevin  Mitchell, an  analyst  at  Infonetics. 

Softswitches  are  carrier-class  servers  sepa¬ 
rate  from  the  generalized  hardware  they 
control, such  as  packet  switches  and  media 
gateways.  In  traditional  circuit-switched 
voice  networks,  the  software  that  governs 


■  Narad  Networks,  a  maker  of 
broadband  access  gear  for  cable  net¬ 
work  operators,  has  announced  $17.5 
million  in  funding  from  new  and  exist¬ 
ing  investors.  New  investor  Argo 
Global  Capital  led  the  equity  financing 
and  included  existing  investors  such 
as  Polaris  Venture  Partners.  The  funds 
will  be  used  to  support  the  company's 
delivery  of  products  that  cable  opera¬ 
tors  use  to  deliver  services  such  as 
VoIP  to  business  customers. 

■  Sprint  announced  last  week  that 
the  Department  of  Defense  inked  a 
one-year  deal  with  the  carrier.  Sprint 
will  provide  “tactical  communication 
systems"  for  the  U.S.  Air  Force  in 
Southwest  Asia.  Sprint  says  this  is  the 
fourth  contract  the  Defense  Depart¬ 
ment  has  signed  with  the  service 
provider  in  the  past  seven  months.  The 
deals  are  worth  a  total  of  $14  million. 


services  is  tied  to  the  switching  gear.  Also 
with  softswitches  controlling  IP  voice,  inte¬ 
grating  voice  with  data  services  is  easier 
because  they  are  both  based  on  IP  packets. 

In  the  long  term,  converting  carrier  voice 
networks  to  IP  will  result  in  streamlined 
networks  and  the  opportunity  to  quickly 
develop  and  deploy  new  services.  Tough 
times  in  the  telecom  business  have  slowed 
adoption  of  these  softswitches  by  limiting 
capital  spending  over  the  past  two  years, 
says  Tom  Valovic,  an  analyst  with  IDC.  But 
carriers  have  discovered  that  specific  ser¬ 
vices  such  as  IP  Centrex  can  pay  for  them¬ 
selves  quickly,  he  says. “These  decisions  are 
based  on  new-service  revenues,”  Valovic 
says,  not  on  long-term  network  upgrades 
that  will  yield  efficiencies  eventually 

While  capital  spending  won’t  increase  sig¬ 
nificantly  providers  likely  will  spend  a  larg¬ 
er  percentage  of  their  budgets  on  IP  gear, 
including  softswitches,  says  Mark  Kaish, 
BellSouth ’s  vice  president  of  data  services. 

As  a  result,  2004  is  expected  to  be  a  big 
year  for  softswitches  in  the  U.S.  and 
Canada,  according  to  Infonetics,  with  rev¬ 
enues  expected  to  grow  by  50%.  Spending 
on  the  gear  was  $134  million  last  year,  a 
13%  jump  from  the  year  before,  so  it  looks 
as  if  the  technology  might  be  turning  a  cor¬ 
ner,  Mitchell  says.  But  at  $134  million, 
softswitch  spending  is  a  pittance  com¬ 
pared  with  the  $49  billion  overall  spending 
by  carriers  on  network  equipment. 

Smaller  carriers  that  have  no  traditional 
phone  networks  and  can  dive  in  with  pure 
IP  services  at  the  start  are  pressuring 
RBOCs,  offering  more  features  at  lower 
prices.  Vonage  offers  unlimited  calling  for 


businesses  plus  a  fax  line  for  $50  per 
month.“Vonage  drummed  up  a  lot  of  inter¬ 
est  in  VoIP  and  the  cable  companies  fol¬ 
lowed  suit.  [The  RBOCs]  had  to  come 


■  BY  JIM  DUFFY 

Overture  Networks,  a  young  company  tar¬ 
geting  the  packet-based  multi-service 
access  market,  this  week  is  scheduled  to 
unveil  an  addition  to  its  product  line  for 
small  to  midsize  service  providers. 

The  ISG  2200  is  designed  to  let  service 
providers  mix  and  match  new  and  legacy 
services  while  gradually  migrating  legacy 
infrastructure  to  a  packet-based  founda¬ 
tion.  The  ISG  2200  is  a  follow-on  to  Over¬ 
ture's  flagship  ISG  5000,  which  is  installed 
in  more  than  100  larger  sites. 

While  the  ISG  5000  features  four  interface 
slots  to  hold  Ethernet  and  legacy  interfaces 
—  such  as  NxT-l/E-1,  NxDS-3,  OC-3c  and 
OC-12c  —  the  2200  sports  a  single  inter¬ 
face  slot  and  fixed  ports.  It  carries  the  same 
cards  as  the  5000  and  runs  the  same  soft¬ 
ware,  which  supports  Ethernet  virtual  LAN 
stacking  and  switching,  Multi-protocol 
Label  Switching  (MPLS),  Virtual  Private 
LAN  Services,  Protected  Switch  Ring  (PSR) 
and  circuit  emulation. 

PSR  is  Overture’s  answer  to  the  IEEE 
802.17  Resilient  Packet  Ring  (RPR)  stan¬ 
dard  for  packet-optimized  metropolitan 


across  with  something,”  to  indicate  they 
had  IP  voice  plans  as  well, Valovic  says. 

The  RBOCs  have  a  different  view.  In  the 
long  term,  IP  voice  at  a  reduced  price  will 
not  be  attractive  as  regulators  sort  out 
how  to  treat  packet  voice,  Kaish  says.  In 
the  end,  the  features  unique  to  IP  voice 
will  be  the  reason  customers  buy  it,  and  at 
least  initially  that  is  business. 

Nevertheless,  the  hype  surrounding  VoIP 
has  carriers  eager  to  be  included,  Mitchell 
says.That  resulted  in  a  flurry  of  announce¬ 
ments  late  last  year  from  RBOCs,  the  most 
significant  of  which  was  that  Verizon  will 
use  Nortel  softswitches  exclusively  for  the 
next  18  months  to  support  multimedia  IP 
services.  It  also  will  use  Nortel  gear  to  add 
local  switching  capacity  Verizon  says,  but  it 
offers  no  details  on  the  scale  of  these  pro¬ 
jects.  Services  based  on  Nortel  softswitches 
aren’t  expected  until  midyear,  analysts  say 
SBC,  wanting  to  jump  on  the  IP 
See  Softswitch,  page  42 


ring  architectures  that  include  SONET-like 
—  50  millisec  —  resiliency  Unlike  RPR,  PSR 
does  not  introduce  a  new  media  access 
control  address. 

The  products  can  be  used  together  or  in¬ 
dividually  to  replace  M13  multiplexers  for 
on-network  managed  Ethernet  service  pro¬ 
visioning  and  to  turn  up  dark  fiber,  or  add 
Ethernet  or  other  managed  services  to  ex¬ 
isting  fiber.  They  also  can  be  used  to  re 
place  M13s  and  add/drop  multiplexers  in 
off-network  applications  to  extend  Ether¬ 
net  overT-ls  or  DS-3s,or  to  facilitate  the  mi¬ 
gration  to  a  next-generation  MPLS  core 
with  a  SONET  or  PSR  ring. 

The  2200  is  expected  to  ship  in  February 
Pricing  has  not  been  released. 

Overture  has  resale  arrangements  with 
NEC  and  Movaz  Networks,  a  maker  of  met¬ 
ropolitan  opt'cal  systems.  ■ 
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One  trend  I’m  forecasting  for  this  year 
is  that  VoIP  services  will  go  main¬ 
stream  —  prediction  No.  3  from  last 
week.  It’s  too  soon  to  mark  this  one  correct, 
but  I  was  thrilled  to  get  this  e-mail  from  a 
reader  two  weeks  ago  (after  my  column 
was  written  but  before  it  appeared  in  print): 

“1  thought  I’d  share  a  prediction  of 
mine,”  writes  this  person,  who  manages 
outsourced  services  for  a  large  bank.  “I 
continue  to  be  impressed  with  the  bits 
and  pieces  of  information  that  I’ve  been 
seeing  from  MCI  and  other  telecom  play¬ 
ers  about  managed  VoIP  (or  IP  Centrex,  if 
you  prefer).  Cisco,  Avaya  and  other  manu¬ 
facturers  are  going  to  shift  their  approach 


The  time  is  right  for  IP  Centrex 


to  selling  into  the  service  provider  realm. 
Doing  it  yourself  for  any  business  except 
the  largest  will  become  unattractive  due 
to  the  management  requirements.” 

He’s  essentially  talking  about  IP  PBX  ven¬ 
dors  and  service  providers  collaborating  to 
offer  managed  IP-based  Centrex  services. 
BellSouth,  MCI,  Qwest,  SBC  and  Verizon  are 
aggressively  promoting  such  services,  and 
vendors  such  as  Cisco,  Lucent,  Nortel  and 
smaller  players  are  driving  partnerships 
with  these  providers. 

Centrex  services,  you’ll  recall,  are  basic¬ 
ally  “PBX-less”  business  phone  services  in 
which  all  the  functionality  resides  on  a 
Class  5  switch  on  the  carrier’s  network.  In 
other  words,  as  with  consumer  phone  ser¬ 
vices,  the  carrier  owns  and  operates  the 
switch,  but  unlike  consumer  phone  ser¬ 
vices,  Centrex  offers  business-class  services 
(a  private  dialing  plan,  call  transfer,  confer¬ 
encing  and  forwarding).  Most  importantly 
the  carrier  assumes  both  the  capital  cost  of 


the  equipment  and  the  day-to-day  man¬ 
agement  responsibility  for  users. 

By  offering  such  services  over  IP  telcos 
potentially  can  reduce  the  cost  to  end 
users  —  because  voice  and  data  share  the 
same  circuit,  dedicated  voice  circuits 
aren’t  required  as  often.  Moreover,  the  cost 
for  user  moves,  adds  and  changes  can  go 
down  dramatically  Nemertes  has  bench- 
marked  that  the  typical  in-house  PBX  user 
pays  roughly  $100  per  user  change. With  IF) 
costs  can  drop  to  virtually  zero.  Finally,  IP 
Centrex  providers  easily  can  offer  inte¬ 
grated  data  services  such  as  unified  mes¬ 
saging  and  Web  hosting. 

The  combination  of  lower  cost  and  better 
service  is  compelling,  but  that’s  not  all.  IP 
Centrex  services  can  simplify  network  con¬ 
figuration,  resulting  in  easier  management 
and  higher  reliability 

“To  my  mind  there  are  two  really  com¬ 
pelling  points  in  MCI’s  offering,”  the  reader 
writes.  “First,  domestic  long-distance  is  in¬ 


cluded  in  the  base  rate.  Second,  and  very 
important  to  simplifying  management,  is 
MCI’s  ability  to  provide  local  numbers  from 
multiple  branch  locations  via  a  single  con¬ 
nection.  Avoiding  the  need  for  local  [pub¬ 
lic  switched  telephone  network]  gateways 
at  each  branch-office  site  seems  extremely 
attractive  to  me.” 

The  upshot  is  IP  Centrex  could  radically 
modify  how  vendors  and  service  providers 
position  their  offerings.  From  a  user  stand¬ 
point,  while  such  services  might  initially 
take  off  in  the  small  to  midsize  enterprise 
market,  managed  VoIP  services  will  begin 
to  become  attractive  to  all  organizations, 
particularly  as  carriers  fine-tune  their  busi¬ 
ness  models  and  evolve  to  offer  innovative 
converged  services. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Market  report  highlights  telecom  growth 


■  BY  DENISE  PAPPALARDO 

Not  only  is  the  telecom  industry  growing 
at  its  strongest  rate  since  2000,  but  business 
users  also  are  paying  less  for  key  services 
such  as  high-speed  Internet  access,  accord¬ 
ing  to  a  new  report. 

The  U.S.  telecom  market  is  expected  to 
grow  6.8%  by  year-end  to  $769  billion, 
according  to  a  report  from  the  Telecommu¬ 
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opportunity,  has  signed  on  with  Level  3  to 
offer  SBC  customers  IP  voice  services 
based  on  Level  3’s  all-IP  network  with 
voice  services  based  solely  on  softswitch- 
es.  SBC  says  it  plans  to  announce  details 
this  quarter.  Level  3  says  it  has  signed  up 
Qwest  as  well.  Qwest  won’t  say  what 
softswitches  it  uses,  but  previously 
announced  using  Lucent,  Nortel  and 
Sonus  gear. 

BellSouth  is  offering  IP  Centrex  services 
in  some  of  its  cities  and  plans  to  announce 
more  softswitch-based  services  in  the  next 
few  months. 

RBOCs  are  carefully  choosing  where  to 
offer  softswitch-based  services.  It  looks  as 
though  for  quite  awhile,  these  services 
won’t  be  available  everywhere,  Current 
Analysis  says.  In  a  report  about  Verizon’s 
relationship  with  Nortel,  the  analyst  firm 
says  softswitch  purchases  today  are  just  the 
start  of  a  long  migration.  Its  comments 
about  Verizon  could  just  as  well  be  about 
any  of  the  other  RBOCs: “It  will  take  years, 
and  more  than  likely  decades,  before 
Verizon  or  the  vast  majority  of  its  cus- 
tomers  will  see  any  tangible  benefits  from 
this  network  transformation.”  ■ 


nications  Industry  Associa¬ 
tion  (TIA). 

The  U.S.  telecom  market 
grew  1.3%  in  2002  and  4.7% 
in  2003. 

Although  the  carrier  equip¬ 
ment  market  is  still  de¬ 
pressed,  enterprise  custom¬ 
ers  are  investing  in  networks. 

Last  year  businesses  spent 
$94  billion  on  voice  and  data 
equipment.  In  2004  users  are 
expected  to  spend  $99.7  bil¬ 
lion,  a  6.1%  increase. 

Business  users  still  spend 
the  bulk  of  their  network 
dollars  on  internetworking 
gear,  but  many  spent  more 
on  PBX  and  videoconferenc¬ 
ing  gear  last  year.  Aging 
voice  switches  and  the  need 
to  support  remote  workers 
are  two  reasons  cited  for  the 
strong  growth,  according  to 
Arthur  Gruen,  one  of  the  authors  of  the 
report  and  a  principal  at  consulting  firm 
Wilkofsky  Gruen  Associates. 

Users  spent  $71  billion  on  internetwork¬ 
ing  equipment  in  2003,4.5%  more  than  the 
previous  year.  But  they  spent  12%  more  on 
PBX  gear  and  28.6%  more  on  videoconfer¬ 
encing  equipment. While  the  growth  rate  is 
significant,  users  overall  make  smaller 
investments  in  these  areas.  Corporations 
spent  $4.2  billion  on  PBX  and  less  than 
about  $900  million  on  videoconferencing 
equipment,  according  to  the  report. 

After  three  years  of  huge  declines,  carriers 
are  expected  to  spend  2.3%  more  on  equip¬ 
ment  this  year, according  to  the  study. While 
that  increase  appears  small,  it  might  repre¬ 
sent  a  turning  point  for  the  industry 

Businesses  also  are  spending  more  on 


Telecom  bright  spots 


Corporations  are  spending  more  on  equipment,  and  buying  more  high-speed  Internet 
access  and  wireless  services. 
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enterprise  services,  including  high-speed 
Internet  access  and  wireless  services. 
There  are  more  business  users  buying 
both  offerings  and  some  are  getting  better 
deals,  especially  for  DSL  and  cable 
modem  Internet  access  services. 

Last  year  business  users  paid  about  $127 
per  month  for  DSL  services.The  report  pre¬ 
dicts  DSL  rates  will  continue  to  fall  over 
the  next  three  years  to  $122  per  month. 

Consumers  also  should  expect  lower  DSL 
prices  over  the  next  three  years.  In  2003,  on 
average,  consumers  paid  about  $43  per 
month  for  DSL.  By  2007  users  might  pay 
only  $35  per  month,  according  to  the 
report.  In  general,  consumer  DSL  services 
support  128K  bit/sec  at  the  low  end  and  up 
to  768K  bit/sec  of  throughput  at  the  high 
end,  and  do  not  include  service-level  guar¬ 


antees.  Business-grade  DSL  typically  sup¬ 
ports  up  to  1.5M  bit/sec  and  service-level 
guarantees,  which  is  why  it  costs  more. 

There  also  are  deals  to  be  had  in  the 
cable  modem  service  market.  Analysts  pre¬ 
dict  there  will  continue  to  be  more  cable 
modem  users  than  DSL  users.  In  2003  there 
were  12.9  million  cable  modem  users  and 
7.8  million  DSL  users.  But  most  industry 
analysts  point  out  there  are  far  fewer  busi¬ 
nesses  that  use  cable  modem  services.The 
TIAs  report  doesn’t  distinguish  between 
residential  and  business  cable  modem  cus¬ 
tomers  as  it  does  for  DSL. 

Nonetheless,  monthly  service  fees  are  ex¬ 
pected  to  fall  by  3.4%  over  the  next  three 
years.  In  2003  users,  on  average,  paid  about 
$45  for  cable  modem  services.That  month¬ 
ly  fee  is  expected  to  drop  to  $39  by  2007.B 


hp  ProLiant  Dll  40 


The  new  HP  ProLiant  DL140,  powered  by  the  Intel  Xeon  processor,  delivers  the  expandable  performance  your  workload 

demands.  Now  you  can  get  the  ProLiant  reliability  you  expect  at  a  price  you  might  not — and,  through  January  31,  you'll  get  double  the  memory  for  free.  HP's  newest 
server  is  designed  with  the  latest  industry-standard  technologies  to  keep  it  affordable,  easy  to  set  up,  integrate  and  maintain.  The  reliable,  hardworking  DL140  helps  you 
spend  more  time  focusing  on  your  business  and  less  time  serving  your  server.  Demand  more  of  what  you  need.  Demand  a  server  that's  powerfully  simple  and  HP 
dependable.  Demand  it  for  less  from  HP. 


HP  ProLiant  DL140 
SERVER 

with  Free  Double  Memory 

$1,149 

One  Intel®  Xeon™  processor  2.40GHz 
(upgradable  to  2) 

1 GB  SDRAM  for  the  price  of  51 2MB 
(upgradable  to  4GB) 

80GB  ATA  Hard  Drive* 

Integrated  Dual  10/100/1000  NICs 

One  PCI-X  64-bit/l 33MHz  slot 

Standard  Quick  Deployment  Rails 

1-Year  Limited  Global  Warranty* 


invent 


To  find  out  more,  visit  www.hp.com/go/hp5  or  call  1-800-888-5814. 
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Take  control  of  your  Internet  security. 


Introducing  Proventia"  Enterprise  Protection  Products.  Just  because  Internet  threats  are 
complex,  doesn't  mean  your  security  has  to  be.  Finally,  a  single,  unified  protection  appliance 
that  protects  more  with  less,  eliminating  the  cost  and  chaos  of  multiple  stand-alone  security 
products.  Proventia'”  centrally-managed  products  range  from  detection  up  to  completely 
unified  and  proactive  multi-function  protection  appliances,  combining  firewall,  intrusion 
prevention  and  anti-virus  technologies.  Take  control  of  your  enterprise  security.  Switch  to 
Internet  Security  Systems  today.  800-776-2362.  www.iss.net/takecontrol. 
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©  2003  Internet  Security  Systems.  Inc.  All  rights  reserved  worldwide. 


Virtualization  downsizes  the  data  center 


HOW  IT  WORKS 


Network  virtualization 

A  virtualized  system  uses  a  custom  ASIC  and  CPU  to 
manage  bandwidth,  processing  and  memory  re¬ 
sources.  The  systems  administrator  provisions  each 
virtualized  partition  with  network  services,  such  as 
firewall,  VPN,  and  intrusion  detection  and  prevention. 


Network  virtualization  switch 


®  fi^l/OP°rt/ff% 

VLAN  ^ 


■  BY  DAVE  ROBERTS 

Data  centers  run  an  array  of  computing, 
storage  and  network  systems  that  creates 
management  challenges  and  strains  IT 
resources.  There’s  a  growing  need  to  sim¬ 
plify  and  automate  data  center  networks  to 
make  them  run  smarter  and  more  effi¬ 
ciently  Network  virtualization  technology 
is  key  to  accomplishing  that  goal. 

Virtualization  pools  IT  resources  and  allo¬ 
cates  them  as  needed  to  specific  tasks, 
allowing  users  to  meet  their  requirements 
with  fewer  physical  resources. 

Frame  relay  virtual  LANs,  logical  parti¬ 
tions  and  RAID  all  use  virtualization. 
Virtualization  is  being  applied  in  new  ways 
to  consolidate  and  automate  network 
functionality  in  data  centers. 

Network  virtualization  blends  the  eco¬ 
nomics  and  efficiencies  of  shared  systems 
with  the  integrity,  performance  and  secur¬ 
ity  of  independent  systems.  Virtualization 
switches  deliver  a  range  of  networking  and 
security  functions,  such  as  firewall  and 
intrusion  detection,  on  one  physical  hard¬ 
ware  platform.  Network  administrators  can 
configure,  deploy  and  manage  these  func¬ 
tions  as  if  they  were  separate  devices. 

While  virtualization  switches  combine 
functions,  they  also  partition  and  isolate  re¬ 
sources  into  multiple  sets.  Network  admin¬ 
istrators  can  operate  the  resources  and 
allocate  different  quantities  to  specific 
applications. 

Isolation  starts  at  the  configuration  level 
and  ensures  that  each  set  of  resources 
within  the  system  has  a  separate  configura¬ 
tion  so  that  a  misconfiguration  of  one 
applications  resources  will  not  interfere 
with  another  application.  A  service  proces¬ 
sor  performs  the  primary  processing  for 


O  Switch  I/O  port  receives  packet  from  network. 
©  I/O  port  identifies  packet  for  virtual  partition. 
©  I/O  port  sends  packet  to  virtual  partition. 


the  individual  network  services  configured 
in  the  virtual  partitions.  A  custom  ASIC  allo¬ 
cates  partitions  on  the  service  processor  to 
isolate  resources  all  the  way  down  to  the 
hardware  and  provides  each  virtualized 
instance  with  separate  queues,  buffers, 
memory  or  processing  resources. 

The  system  shifts  resources  between 
each  virtual  instance,  such  as  providing 
one  virtualized  instance  with  more  band¬ 
width  and  another  with  more  memory,  as 
requirements  dictate.  The  virtualized  sys- 


©  Service  processor  develops  list  for  packets  in 
the  flow  (routing,  alarms,  etc.). 

©  Service  processor  sends  packet  to  I/O  port. 
©  I/O  port  transmits  packet  to  network. 


tern  tracks  all  the  resources  used  whenever 
a  packet  or  service  is  being  processed  on 
the  application’s  behalf  so  that  one  virtual 
entity  cannot  monopolize  resources  at  the 
expense  of  another  virtual  entity 

Virtualized  systems  maintain  system 
integrity  by  establishing  protective  do¬ 
mains  that  prevent  the  failure  of  any  seg¬ 
ment  from  propagating  through  the  system 
and  affecting  other  virtual  entities. 

For  example,  if  a  virtual  firewall  on  the 
system  crashes,  the  rest  of  the  virtual  enti¬ 


ties  on  the  system  —  other  firewalls, VPNs, 
load  balancers  —  are  protected  from  the 
failure  and  continue  to  function  normally 
Once  the  system  detects  a  failure  in  a  vir¬ 
tual  entity  it  automatically  contains  it  by 
using  a  processor  memory  management 
unit  (MMU)  to  create  memory-protection 
domains  and  restarts  the  entity  without  dis¬ 
rupting  the  other  resources  in  the  system. 

When  a  service  crashes,  the  virtual  sys¬ 
tem  can  clean  up  the  memory  associated 
with  the  virtualized  partition  and  re-create 
it  from  scratch.This  feature  allows  for  quick 
service  restart  without  compromising 
other  partitions  in  the  system. 

Private  partitions 

Virtualized  network  systems  perform 
resource  management  at  the  hardware 
level  to  partition  and  protect  virtualized 
resources, so  they  don’t  mix  with  or  disrupt 
other  partitioned  resources  in  the  system. 
This  means  one  virtual  service  cannot 
“see”  any  other  virtual  services  on  the  sys¬ 
tem,  which  ensures  that  virtual  functions 
operate  independently  and  guarantees 
security  and  integrity  between  virtual  func¬ 
tions  on  one  hardware  platform. 

Network  virtualization  technology  lets 
corporations  increase  network  resource 
utilization  and  exert  more  control  over  re 
sources  and  how  they  are  allocated.  The 
company  also  gains  flexibility  and  speed 
in  scaling  the  resources.  Using  virtualiza¬ 
tion  to  reduce  the  number  of  physical 
devices  in  a  network  significantly  reduces 
the  cost  and  complexity  of  managing  net¬ 
work  infrastructure. 

Roberts  is  co-founder  and  vice  president  of 
strategy  for  Inkra  Networks.  He  can  be 
reached  at  dave@inkra.com. 


Dr.  Internet 


By  Steve  Blass 


What's  the  easiest  way  to  convert  data  stored  in 
comma-separated  value  files  into  XML  format?  We 
need  to  use  the  names  in  the  header  row  of  the 
CSV  file  for  the  XML  element  names  and  create  a 
basic  XML  document  containing  <rows>  filled  with 
the  named  elements  containing  our  data  values. 

You  can  find  CSV-to-XML  conversion  programs 
with  a  simple  Web  search.  The  easiest  solution  is 
to  let  somebody  else  do  it.  A  free  online  conver¬ 


sion  utility  found  in  the  Tools  section  at  www.cre 
ativyst.com  will  transform  files  up  to  250K  bytes 
using  a  simple  Web  form.  Paste  your  CSV  data 
into  the  form,  and  copy  the  XML  results  back 
using  your  browser.  Kirk  Evans  describes  how  to 
convert  CSV  to  XML  using  XSLT  and  the  XPATH 
functions  substring-before()  and  substring-after() 
to  parse  the  rows  and  values  on  the 
weblogs.asp.net  site  (details  at  www.nwfusion. 
com,  DocFinder:  9425).  You  have  to  wrap  the  CSV 


data  in  an  XML  <root>  tag  to  process  the  file  with 
XSLT.  For  converting  large  numbers  of  large  CSV 
files,  you  will  want  a  stand-alone  desktop  program, 
such  as  the  CSV  2  XML  Converter  from  www. 
goedeke.net,  which  lets  you  output  multiple  XML 
formats  from  existing  CSV  files. 

Blass  is  a  network  architect  at  Chcmge@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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The  nuts  and  bolts  of  Flashy  presentations 
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Last  week  we  received  even  more  re¬ 
sponses  to  our  call  for  what  you  want 
to  read  in  this  column. Thanks.  Keep 
the  ideas  coming. 

This  week  we’re  going  to  start  looking  at  a 
phenomenon  of  the  Internet:  Macromedia 
Flash, one  of  the  key  technologies  that  have 
defined  how  the  Web  looks  and  feels. 

Flash  has  appeared  all  over  the  Internet 
in  everything  from  advertising  to  complete 
interactive  GUIs.  It  is  without  doubt  one  of 
the  most  useful  and  flexible  graphics  pre¬ 
sentation  tools  available  and,  according  to 
Macromedia,  can  be  used  by  98%  of  all 
Internet  users. 

Interestingly,  the  use  of  Flash  also  has 
attracted  lots  of  criticism  because  it  has 
led  to  more  aggressive  advertising  con¬ 
tent  and  has  been  overused  for  content- 
free  front-end  pitches  on  many  corpo¬ 
rate  Web  sites. 

So  why  is  it  that  Flash  has  become  so 
dominant  in  a  marketplace  positively 
overloaded  with  competing  tools?  The 


answer  lies  in  the  sophistication  and  per¬ 
formance  of  Flash  graphics  and  audio 
presentation,  the  excellent  Flash  develop¬ 
ment  tools  and  cross-platform  applicabili¬ 
ty  backed  by  the  not  inconsiderable 
Macromedia  marketing  machine.  Add  to 
that  third-party  vendors  that  provide  many 
tools  to  extend  and  augment  Flash  devel¬ 
opment. 

Flash,  acquired  by  Macromedia  in  1997 
and  originally  called  Future  Splash  Ani¬ 
mator,  grew  from  a  relatively  simple  ani¬ 
mation  program  into  a  huge  suite  of  tools 
and  services.  Under  the  hood,  the  Flash 
player  is  a  programmable  vector-based 
object-rendering  engine  that  displays 
Flash  “movies.”  While  the  player  handles 
raster  (aka  bit-map)  images,  much  of  its 
success  comes  from  the  performance 
advantage  that  vector  display  provides  in 
terms  of  animation  speed  and  decreased 
data  size  (vector  images  are  usually  con¬ 
siderably  smaller  than  bit-mapped  ones). 

Another  significant  improvement,  partic¬ 
ularly  important  for  Web  content  delivery, 
comes  from  streaming  —  the  Flash  play¬ 
er’s  ability  to  start  rendering  content 
before  the  complete  content  is  down¬ 
loaded. This  allows  for  faster  start-up. 

The  Flash  MX  application  is  where  you 
develop  content.  At  the  heart  of  this  is  a 


comprehensive  vector  graphics  editor 
that  also  can  edit  and  incorporate  bit¬ 
mapped  images.  You  construct  images  in 
the  “stage,”  on  which  groups  of  graphical 
elements  (lines,  curves  and  so  on)  that 
make  up  the  image  are  placed.  Images 
can  be  further  organized  into  layers  to 
allow  animation  of  the  content  of  a  spe¬ 
cific  layer. 

You  create  the  animation  against  a  time¬ 
line  by  specifying  “keyframes,”  which  are 
key  steps  in  the  animation  sequence 
where  changes  in  the  stage  contents 
occur,  and  regular  frames,  which  continue 
the  same  content  as  the  previous 
keyframe. 

To  animate  a  bouncing  ball,  for  exam¬ 
ple,  you  would  create  the  ball  in  a 
keyframe,  then  add  enough  regular 
frames  to  cover  the  duration  of  the  move¬ 
ment  —  the  higher  you  set  the  frame  rate 
the  smoother  the  ball’s  movement  but,  of 
course,  the  trade-off  is  a  bigger  output  file. 

Next  you  turn  all  the  regular  frames 
into  keyframes  and  modify  the  position 
of  the  ball  in  each  to  create  the  path  of 
the  ball. That’s  the  hard  way. The  easy  way 
is  to  use  “tweening”:  You  create  a  key- 
frame  with  the  object  to  be  animated 
and  then  another  empty  keyframe  sepa¬ 
rated  from  the  first  by  the  required  num¬ 


ber  of  frames. 

Now  select  all  the  frames  including  the 
keyframes  and  use  the  Create  Motion 
Tween  command  to  link  the  keyframes. 
Then,  by  moving  the  object  in  either  key- 
frame,  Flash  will  move  the  object  incre¬ 
mentally  to  its  position  in  the  other  key- 
frame  when  the  animation  is  played.  If 
you  select  any  regular  frame  between  the 
keyframes  and  move  the  object  in  that 
frame  to  a  new  position,  the  frame  will  be 
converted  automatically  to  a  keyframe. 
You  also  can  tween  shapes,  that  is,  con¬ 
vert  one  shape  into  another,  morphing  its 
colors  and  textures  at  the  same  time. 

Flash  MX  includes  an  overwhelming 
number  of  tools  and  techniques  that  take 
considerable  time  to  master,  although  you 
can  develop  good  results  with  just  the 
basics.  The  software  allows  for  transitions 
and  animations  such  as  fade-ins,  fly-ins 
and  spins,  and  supports  behaviors  that  do 
not  require  programming,  such  as  links  to 
a  Web  site  and  playing  movie  clips  and 
triggering  data  sources.lt  is  a  phenomenal 
feature  list.  Next  week,  we’ll  look  at 
ActionScript  and  Flash  content  deploy¬ 
ment. 

Present  your  thoughts  to  gearhead@ 
gibbs.com. 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


WMA;  photo  formats  JPG,  BMI?PNG, 

Til;  JPG2000  and  GIF;  and  video  for¬ 
mats  MPEG-1,  MPEG-2,  MPEG-4,  DivX, 
QuickTime  and  Windows  Media 
video.  The  player  also  can  play  M3U, 
PLS,  ASX  and  RMP  playlist  formats. 
For  security  64-  and  128-bit  Wired 
Equivalent  Privacy  encryption  is  sup¬ 
ported. 


The  Motorola/Cingular  V400  features  a  4x-zoom  VGA  cam¬ 
era,  photo  caller  ID  functions,  and  GSM/GPRS  capability. 


Service  network  device,  which  means  users  can 
connect  to  GSM  networks  worldwide,  Cingular  said. 
The  device  includes  MP3  and  MIDI  ring  tone 
support,  and  will  start  at  about  $150  (after  $50 
rebate).  Go  to  the  Cingular  Web  site  for  details 
on  availability  and  rate  plans. 


D-Link  enters  network  media  player  market 

D-Link  Systems  said  last  week  that  its  new  Wireless 
Media  Player  will  let  users  play  digital  music  and  videos 
stored  on  a  PC,  and  view  photos,  on  a  TV  and  stereo  sys- 
tem.The  device  will  cost  about  $150  and  will  be  available 
late  next  month. 

The  device  connects  via  standard  audio/video  or  an 
S-video  cable,  and  connects  to  a  home  network  via  the 
802.1  lg  wireless  LAN  (WLAN)  standard  (or  wired  Ether¬ 
net). The  device  also  will  come  with 
a  free  six-month  trial  of  Radio- 
@AOL’s  streaming  radio  service 
(coming  in  April).  Supported  audio 
files  inciude  MP3,  WAV,  AIF  and 


D-Lir.k’s  new  device  streams  music, 
videos  and  photos  to  a  TV  and  stereo. 


New  Toshiba  notebook  includes 
802.1 1g 

Toshiba  last  week  launched  the  Satellite 
A45-S130  —  a  notebook  aimed  at  con¬ 
sumers,  students  and  “budget-conscious”  fam¬ 
ilies  —  which  includes  integrated  802.1  lg 
WLAN  connectivity  a  2.8-GHz  Intel  Celeron 
processor  and  SRS  TruSurround  XT  sound. 

The  notebook  is  priced  starting  at  about 
$1,200  and  is  available  at  www.shop 
toshiba.com. 

The  notebook  comes  with  a  40G-byte  hard 
drive,  512M  bytes  of  double-data-rate  SDRAM,  a  15- 
inch  XGA  display  a  DVD-ROM/CD-RW  combination 
drive, V92  modem  and  10/100M  bit/sec  Ethernet  ports, 
and  four  USB  2.0  ports.  It  runs  on  Windows  XP  Home 
Edition. The  notebook  also  includes  Microsoft  Office  One 
Note,  a  note-taking  application,  and  Microsoft  Works. 


Cingular  announces  Motorola  V400  availability 

Motorola  and  Cingular  Wireless  said  last  week 
Cingular  would  sell  Motorola’s  V400  flip  phone 
in  its  stores.  The  V400  includes  a  VGA  camera 
with  4x-zoom  features,  a  self-portrait  timer  and 
photo  caller  ID  functions.The  device  can  store 
up  to  5M  bytes  of  photos  on  the  phone  or  send 
them  via  Cingular’s  Multimedia  Messaging  Service.  The 
phone  also  is  a  quad-band  GSM/General  Packet  Radio 


EMachines  launches  64-bit  notebook 

EMachines  last  week  announced  a  64-bit 
notebook  that  includes  a  15.4-inch  wide¬ 
screen  display  and  802.1  lg  WLAN  con¬ 
nectivity 

The  M6805  and  M6807  models  include 
Advanced  Micro  Devices’ Mobile  Athlon 
64  processor  3000+  and  AMD’s  Power- 
Now  technology  eMachines  said. The 
systems  also  include  ATI’s  Mobility 
Radeon  9600  video  card  and  a 
16:10  aspect  ratio  on  its  display. 
The  M6805  includes  a  combi¬ 
nation  DVD/CD-RW  drive,  and 
start  at  about  $1,450  (after 
$100  rebate).  The  M6807 
includes  a  DVD-RW(+/-) 
drive  and  starts  at  about 
$1,550  (after  $100  rebate). 
Other  features  include  a  6- 
in-1  media  card  reader,  512M 
bytes  of  double-data-rate  RAM,  a 
60G-byte  hard  drive,  four  USB  2.0  ports,  one  IEEE  1394 
port,  a  PC  Card  (Type  I  or  II)  slot  and  10/100M  bit/sec 
Ethernet  port.  The  notebooks  weigh  about  7.5  pounds 
and  offer  up  to  2.5  hours  of  battery  life. 


Shaw  can  be  reached  at  kshaw@nww.  com. 
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►  Get  a  FREE 
copy  of  The 
Backup  Book* 

and  download  our 
enterprise  white  paper! 
Enter  code  ADV078  at 
www.theanswerisX.com 

‘First  100  respondents  only. 


- - -  ...  * 


IS  BACKUP  DRIVING  YOU 
TO  THE  EDGE? 


INTRODUCING  THE  DX100.  ► 


THE  ANSWER  IS  X. 


Superior  disk-based  backup  for  the  enterprise.  When  the  stress  of 
the  workday  pushes  you  to  the  edge,  one  thing  you  shouldn't  have  to  worry  about 
is  restoring  your  data.  The  Quantum  DX100  gives  you  one  less  thing  to  worry 
about  -  The  Answer  is  X.  The  new  DX100  is  an  optimized  disk-based  backup  and 
restore  solution  that  enables  IT  professionals  to  significantly  decrease  their  backup 
window  while  dramatically  boosting  data  availability.  Plus,  it  seamlessly  integrates 
into  virtually  any  existing  network  environment,  thus  preserving  your  backup 
processes.  For  the  complete  answer,  call  866-827-1500,  or  visit  us  on  the  Web  at 
www.theanswerisX.com. 
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EDITORIAL 

John  Dix 

Afresh  look 
at  the  lowly 
copier 


The  noise  around  enterprise  content  management  is 
getting  louder,  what  with  EMC’s  recent  acquisition  of 
Documentum  and  other  vendors  rushing  to  sort  out 
their  content  and  life-cycle  management  stories. 

If  we  are  to  believe  that  crowd,  content  is  king  and  we 
are  about  to  see  advances  in  how  you  manage,  store  and 
age  it. 

But  how  do  you  capture  it?  That’s  where  multifunction 
copiers  can  come  into  play  Most  new  copiers  are  net- 
work-attached  today,  meaning  they  can  serve  basic  copy¬ 
ing  and  printing  needs  and  also  be  used  to  scan  content 
for  distribution  or  delivery  to  document-management 
applications. 

If  you  work  for  a  large  company  chances  are  you’ve 
already  inherited  the  job  of  figuring  out  how  to  take 
advantage  of  multifunction  copiers.  But  some  firms  still 
are  making  the  mistake  of  looking  at  them  as  lowly 
copiers  and  leaving  them  in  the  hands  of  purchasing 
departments. 

With  recent  advances,  multifunction  copiers  can  play  a 
much  more  significant  role  in  workflow  processes.  Dennis 
Amorosano,  director  and  assistant  general  manager  of 
Canons  Integrated  Business  Systems  Division, says 
Canons  Java-based  multifunction  embedded  application 
platform  (MEAP)  lets  customers  develop  copier-based 
applications  that  have  unique  GUIs. 

With  MEAP  for  example,  a  mortgage  company  could 
build  an  application  that,  in  a  single  operation,  could 
scan  a  document  and  then  route  copies  electronically  to 
the  various  parties  that  need  to  see  it,  such  as  underwrit¬ 
ers,  the  legal  organization,  the  title  company  etc.“That 
would  minimize  the  time  it  takes  to  transit  the  paper,  not 
to  mention  eliminate  the  cost  associated  with  the  transit 
of  the  paper,”  Amorosano  says.Theoretically,  it  also  would 
speed  up  the  whole  process  and  make  it  possible  for  the 
company  to  close  more  business. 

Documents  that  are  distributed  like  this  can  be  printed 
and  used  in  the  traditional  way,  tied  into  an  existing  work- 
flow  systems  or  even  posted  as  HTML  pages  on  a  Web  site 
so  people  involved  in  the  process  can  fill  in  data  online. 

“Once  IT  guys  see  a  copier  running  an  application  that 
is  unique  to  their  organization,  they  tend  to  have  a  huge 
number  of  ideas  about  how  they  are  going  to  integrate 
the  technology  into  existing  business  applications,”  Amor¬ 
osano  says. 

The  lesson,  it  seems,  is  that  if  you  haven’t  already  real¬ 
ized  the  potential  of  the  copier  in  your  workflow  analysis, 
make  sure  you  consider  the  alternatives  in  your  larger 
content  management  plans. 

—  John  Dix 
jdix@nww.com 
Editor  in  chief 
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Strange  SSH  strategy 

I  read  with  interest  your  story  “Tester’s  Challenge: 
Dumb  defaults  update”  (www.nwfusion.com,  Doc 
Finder:  9422)  .You  are  correct  in  saying  that  Cisco  has 
so  far  declined  to  address  this  issue,  but  you’ve 
missed  one  of  the  biggest  points.  On  Cisco’s  IOS  plat¬ 
forms,  Secure  Shell  (SSH)  is  not  included  in  the  vast 
majority  of  software  images.  If  you  want  SSH,  Cisco 
typically  expects  you  to  buy  a  software  license  that 
might  cost  a  few  thousand  dollars  per  router.  It 
would  cost  my  company  more  than  $500,000  to 
implement  SSH  on  all  our  routers  globally  some¬ 
thing  other  vendors  give  you  for  free  out  of  the  box. 

Another  interesting  point  is  that  Cisco  has  a  dif¬ 
ferent  strategy  for  Catalyst  OS  —  with  that  product, 
a  software  image  with  SSH  is  available  at  no  extra 
cost.  It  seems  strange  that  Cisco  gives  the  option  for 
free  on  one  product  line,  but  not  on  another.  I  and 
several  other  customers  have  raised  this  issue  to  a 
senior  level  within  Cisco,  with  little  progress  so  far  — 
unusual  for  a  company  that  prides  itself  on  listening 
to  its  customers. 

Alistair  McDougall 
New  York 

Sin  of  omission 

I  must  point  out  a  glaring  omission  in  your  list  of  the 
50  most  powerful  people  in  networking  (DocFinder: 
9424):  Bobby  Johnson,  founder  and  CEO  of  Foundry 
Networks. 

Your  list  has  many  software  and  services  con¬ 
tenders,  but  what  of  the  people  and  companies  that 
are  defining  what  networking  is  today  and  for  the 
foreseeable  future?  Where  are  the  hardware  kings 
who  built  this  industry  and  continue  to  expand  it 
even  now?  Johnson  has  founded  more  than  one 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  editor  in 
chief,  Network  World.  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


well-known  network  hardware  company,  and 
Foundry  has  seen  a  recent  massive  run-up  in  its  val¬ 
uation  based  on  the  old-fashioned  notion  of  keep¬ 
ing  your  head  down  and  working  hard. 

Kevin  Cox 
San  Francisco 

In  “The  50  most  powerful  people  in  networking,”  you 
write,  “In  July  with  great  fanfare,  [Ed  Whitacre] 
announced  a  joint  marketing  deal  with  satellite  TV 
provider  EchoStar  that  makes  SBC  the  first  RBOC  to 
tangle  with  satellite  and  cable  companies  over  their 
mainstay  television  services.”  Bell  Atlantic  (now  Veri¬ 
zon)  had  a  bundling  deal  with  DirecTV  years  ago. 

Marc  Galindo 
New  York 

Referring  to  whom? 

In  Dave  Kearns’  column  “Operating  system  humor: 
No  funny  business”  (DocFinder:  9423),  what  people 
is  he  talking  about  who  would  prefer  to  keep  Wind¬ 
ows  NT  4  around  and  see  “Windows  2000  rolled  out 
to  pasture”?  What  boneheads  would  choose  the  lack 
of  (real)  plug  and  play  FAT32,  USB,  IPv6  and 
Kerberos  support  over  an  operating  system  that  has 
all  those  benefits  and  better  stability  to  boot?  Not  a 
good  example  for  the  point  trying  to  be  made. 

Luis  Carmona 
IS  analyst 
Tampa  Tribune 
Tampa,  Ha. 

Kearns  replies :  I  was  referring  to  a  small  but  signifi¬ 
cant  group  of  users  who  have  applications  that  have 
been  “orphaned."  They  mn  on  NT  4  but  not  on  any 
later  system;  they’re  no  longer  maintained  or  support¬ 
ed,  but  they  have  no  replacement  (or  the  replacement 
is  too  expensive  to  implement).  Plug  and  play,  FAT32, 
USB,  IPv6  and  Kerberos  aren 't  much  help  when  your 
database  no  longer  can  be  read  or  written  to. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  9421 
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TOTALLY  UNPLUGGED 

Ira  Brodsky 


there  are  more  than  100  million  instant¬ 
messaging  users,  the  majority  employing 
free  services  provided  by  AOL,  Yahoo 
and  MSN.  But  most  of  IMs  growth  lies  ahead. 
As  the  technology  expands  into  enterprise 
and  wireless  applications,  the  number  of  1M 
users  worldwide  easily  could  top  500  million. 

There  are  already  millions  of  enterprise  IM  users.  Users  who  need  to 
touch  base  frequently  with  the  same  co-workers  often  prefer  IM  to  the 
phone  and  e-mail.  IM  is  faster  and  more  convenient. 

But  that’s  just  the  beginning. “Real-time  enterprise”  applications  will 
use  IM  for  machine-toperson,  person-to-machine,  and  even  machine- 
to-machine  communications.  For  example,  thanks  to  IMs  “presence” 
feature,  an  application  automatically  can  find  and  contact  the  best 
available  person  to  handle  a  specific  problem. 

As  companies  deploy  IM  products  they  will  want  to  extend  them  to 
their  mobile  users.  Mobile  phone  operators  have  discovered  they  can 
obtain  far  higher  revenue  per  megabyte  from  messaging  services  than 
from  generic  IP  services. Text  messaging  via  mobile  phones  is  already 
popular  in  Europe  and  is  growing  rapidly  in  North  America.The  oppor¬ 
tunity  to  expand  and  enhance  wireless  messaging  is  huge. 

Until  now,  mobile  text  messaging  has  relied  on  a  store-and-forward 
technology:  Short  Message  Service.  Wireless  IM  will  let  operators  take 
mobile  messaging  to  the  next  level,  delivering  more  powerful  services 
integrating  presence,  location  (where  are  my  buddies  right  now?), 
sophisticated  user  preferences  (who  is  allowed  to  reach  me  during 
work  hours?)  and  multiple  media  (text  with  audio,  images  and  video). 


IM  expands  its  enterprise  reach 


But  there  are  significant  challenges.The  first  wireless  IM  products  sim¬ 
ply  extend  desktop  IM  to  mobile  phones.  AOL, Yahoo  and  MSN  use  pro¬ 
prietary  protocols  and  are  not  interoperable.  But  the  allure  of  wireless 
IM  is  the  promise  of  reaching  anyone, anywhere.That  will  require  inter¬ 
operability  between  mobile  phone  operators,  desktop  IM  service 
providers  and  enterprise  systems. 

The  four  largest  mobile  phone  operators  in  the  U.S.  —  Verizon  Wire¬ 
less,  Cingular  Wireless,  AT&T  Wireless  and  Sprint  PCS  —  all  have  intro¬ 
duced  wireless  IM  services. Verizon  and  Sprint  PCS  support  AOL,  MSN 
and  Yahoo.  AT&T  Wireless  supports  AOL  and  Yahoo;  Cingular  only  sup¬ 
ports  AOL. Wireless  IM  typically  costs  $5  per  month  for  a  bucket  of  mes¬ 
sages,  or  users  can  pay  10  cents  per  out-bound  and  2  cents  per  in¬ 
bound  message. 

In  the  future,  leading  IM  services  will  employ  presence-enabled 
address  books.  Address  books  automatically  will  show  the  availability 
of  people,  perhaps  including  their  location,  and  will  let  users  specify 
their  preferences  (for  example,  text  while  in  a  meeting  and  location 
information  only  while  working). 

The  demand  for  more  powerful  ways  of  keeping  in  touch  continues 
to  grow  —  even  as  users  complain  about  loss  of  privacy  However,  the 
two  are  not  mutually  exclusive.  More  powerful  means  of  keeping  in 
touch  also  can  provide  more  powerful  controls.  With  wireless  IM,  we 
can  be  in  touch  precisely  where  we  want,  when  we  want,  with  whom 
we  want  and  in  the  mode  we  want. 


As  the  technology 
expands  into 
enterprise  and 
wireless  applica¬ 
tions,  the  num¬ 
ber  of  IM  users 
worldwide  easily 
could  top  500 
million. 


Brodsky  is  president  of  Datacomm  Research  in  Chesterfield,  Mo.  He 
can  be  reached  at  ibrodsky@datacommresearch.com. 


INDUSTRY  COMMENTARY 

Frank  Dzubeck 

This  year,  the  key  corporate  network 
issues  will  be  more  philosophical  than 
technological.  Network  strategists  will 
have  to  address  and  answer  three  questions: 

•  How  will  on-demand/utility  computing 
affect  my  network  strategy? 

•  Can  I  outsource  my  networking  needs? 

•  To  what  degree  can  I  safely  use  autonomic  technology? 
On-demand/utility  computing  will  be  implemented  to  varying 
degrees  in  companies  of  all  sizes.  To  make  this  concept  work  seam¬ 
lessly  between  a  corporation  and  its  suppliers,  customers  and  partners, 
the  company’s  compute,  storage  and  network  infrastructure  segments 
all  must  be  transparently  accessible  by  business  applications  and 
users.  To  accomplish  this,  the  three  segments  all  must  have  certain 
inherent  capabilities,  such  as  dynamic  resource  allocation,  virtualiza¬ 
tion,  end-to-end  policy  management,  workflow  synchronization  and 
standardized  XML-based  Web  service  software  interfaces. 

This  year,  corporate  network  strategists  must  figure  out  where  to 
locate  the  intelligence  that  will  make  on-demand/utility  computing  a 
reality  in  2005. At  a  recent  Cisco  analyst  briefing.it  became  obvious  that 
instead  of  promoting  convergence  with  the  computing  world,  Cisco 
thinks  divergence  is  a  viable  alternative.  The  computing  world  thinks 
that  corporate  business  initiatives,  implemented  through  application 
and  policy  software  and  enabled  by  middleware  software,  exist  at  the 
network’s  edge.  Cisco  and  other  network  vendors  think  the  network 
must  be  independent,  highly  intelligent  and  host  application  software 
to  securely  and  qualitatively  make  IT  applications  work  with  users. 
Does  your  corporate  on-demand/utility  computing  strategy  require  a 
smart  network? 

The  issue  of  whether  to  outsource  the  network  has  been  on  the  table 
in  the  IT  world  for  many  years,  but  the  rise  of  on-demand/utility  com¬ 
puting  will  cause  it  to  receive  even  more  attention.  Within  this  new 
computing  environment,  compute  and  storage  resources  might  be 


Key  network  issues  for  2004 


owned,  partnered  or  outsourced.  For  small  and  midsized  businesses 
(SMB),  outsourcing  will  become  an  inexpensive  way  to  offload  IT.  Part 
of  that  offload  will  be  the  WAN  and  in  some  instances  the  LAN.  Using 
IP  VPN  technology,  SMBs  no  longer  will  have  a  need  for  in-house  net¬ 
work  expertise.  For  example,  the  IBM  Global  Services  business  unit  pro¬ 
vides  complete  outsourced  delivery  of  on-demand  services,  including 
network  access  and  connectivity 

In  larger  corporations,  hybrid  environments  will  exist  in  which  on- 
demand/utility  computing  is  both  in-house  and  outsourced.  Most  cor¬ 
porations  today  have  some  degree  of  outsourced  networking  experi¬ 
ence  using  remotely  hosted  Web-based  application  servers  and  remote 
site  managed  services  supplied  by  carriers.  That  experience  can  be 
used  to  determine  to  what  extent  network  outsourcing  is  feasible  with¬ 
in  a  corporation.  Does  your  company’s  on-demand/utility  environment 
require  that  you  own  your  network? 

The  rise  of  on-demand/utility  computing  will  force  network  strategists 
to  address  the  degree  of  trust  to  be  placed  in  autonomic  technology  In 
the  world  of  dynamic  resource  allocation  and  virtualization,  decisions 
must  be  made  in  real  time.  Fault/outage  correction  and  recovery,  and 
configuration  and  allocation  of  resources  to  meet  policy-based  quality 
of  service  and  security  requirements  must  be  autonomic.  Humans, 
especially  operations  personnel,  have  never  been  comfortable  letting 
computers  manage  computers.  Will  corporate  management  let  auto¬ 
nomic  technology  into  the  network  to  make  critical  decisions  without 
human  knowledge  or  oversight? 

Answering  the  above  questions  will  not  be  easy;  it  will  require  inter¬ 
nal  and  external  analysis  and  research.  No  matter  what  the  answers  are, 
these  issues  must  be  addressed  to  set  the  stage  for  the  implementation 
of  the  next  generation  of  IT  in  2005. 


The  rise  of  on- 
demand/utility 
computing  will 
force  network 
strategists  to 
address  the  de¬ 
gree  of  trust  to 
be  placed  in  auto¬ 
nomic  technology. 


Dzubeck  is  president  of  Communications  Network  Architects,  an 
industry  analysis  firm  in  Washington,  D.C.  He  can  be  reached  at 
fdzubeck  @commnetarch.  com. 


3Com 


Make  the  Decision  Today 
That  Will  Be  the  Right 
Decision  Tomorrow 

Introducing  the  3Conf  Router  3000  and  5000 
Families  for  small  and  medium  enterprises 


In  these  days  of  slashed  IT  budgets  and  reduced  headcount,  you  don't  get 
a  second  chance  to  make  the  right  network  decisions.  A  router  choice  that 
makes  sense  now  won't  make  sense  when  extra  money  and  manpower 
are  needed  for  upgrades  when  your  enterprise's  needs  grow.  Fortunately, 
3Com  eliminates  router  guesswork. 

No  other  router  in  this  class  can  beat  the  the  number  of  software  features 
and  amount  of  memory  shipped  standard  with  the  3Com  Router  3000  and 
5000  families.  They  integrate  seamlessly  into  existing  networks,  include 
full  VPN  and  security  support,  and  won't  need  any  costly  upgrades  down 
the  road. 

The  company  that  invented  Ethernet  is  now  the  single  point  of  contact 
for  complete  end-to-end  network  solutions.  Trade  up  now  to  get  a  15% 
rebate.  Visit  www.3com.com/WAN2  to  learn  more  about  3Com  routers 
and  the  trade  up  program. 


3Com  Router 
3000  Family 


3Com  Router 
5000  Family 
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*  Restrictions:  Sweepstakes  is  open  to  employees  of  end  user  companies  in  the  United  States  (excluding  Puerto  Rico).  No  Purchase  Necessary.  Purchase  Will  Not 
Increase  Chances  Of  Winning  Prize  valued  at  $5,000  (USD).  Odds  of  winning  depend  on  number  of  entries.  Subject  to  Official  Rules.  For  rules  and  entry  details 
visit  www.3com.com/shop.  Ends  5/31/04.  Void  where  prohibited.  This  promotion  may  be  altered  or  canceled  at  any  time. 
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How  to  fight  back  against  insian _ 

attacks  from  cookies  gone  bad. 


■  BY  DEBORAH  RADCLIFF 


What  is  spyware?  And  what  harm  can  it  do  to  my  networ 

Even  in  its  most  innocuous  form,  spyware  is  an  invasion  of  privacy 
Spyware  programs  such  as  Cydoor,  Gator,  Lop.com  and  Xupiter  install  without 
the  user’s  knowledge  by  piggybacking  on  peer-to-peer  file-sharing  programs, 
cute  executable  images  or  a  long  list  of  freeware. 


Primarily  used  for  target  advertising  purposes, 
spyware  tracks  a  user’s  Web  habits.  Some  programs  log 
keystrokes  and  even  capture  and  transmit  screen 
images. 

“These  programs  are  hard  to  avoid  because  they 
come  bundled  with  other  things,  and  it’s  not  always 
apparent  when  they’re  installing  themselves.  And  once 
they’re  on  computers,  they  can  be  difficult,  time-con¬ 
suming  and  costly  to  remove,” says  Michael  Steffen,  pol¬ 
icy  analyst  with  the  Center  for  Democracy  and 
Technology  (CDT)  in  Washington,  D.C. 

At  its  worst,  spyware  becomes  a  dangerous  tool  in  the 
hands  of  the  wrong  people. 

“Today,  spyware’s  annoying  but  relatively  benign.  But 
Gartner  believes  spyware  will  get  more  malicious  in  the 
future  and  be  used  for  password  harvesting,  credit  card 
number  theft  and  other  forms  of  identity  theft,”  says 
John  Pfescatore,  a  Gartner  analyst. 

Mark  Maiffret,  chief  hacking  officer  for  eEye  Digital 
Security,  sees  even  more  sinister  uses  for  spyware,  such 
as  capturing  and  transmitting  Microsoft  Word  and  Excel 
documents  to  steal  corporate  secrets. 

This  is  not  to  mention  the  unprotected  tunnels  being 
opened  to  the  desktops  by  unknown  programs  that 
aren’t  coded  with  security  in  mind,  adds  Jeff  Horne, 
researcher  for  Internet  Security  Systems,  which  makes 
RealSecure  intrusion-detection  software. 


How  to  avoid  spyware 

Enforcing  employee  Internet  use  policy  is  your  first  line 
of  defense,  Maiffret  says.  His  advice  is: 

•  Configure  desktop  browsers  and  Outlook  using  Micro¬ 
soft  Domain  Security  Policies. 

•  Block  ActiveX  and  other  executables. 

•  Manage  scripting.  ^ 

•  Filter  Web  content  through  an  HTTP  proxy  ^  ^ 

•  If  necessary,  segment  certain  employees  ^ 
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from  using  the  Internet  if  they  don’t  need  it 
to  do  their  jobs. 

Employees  also  should  be  taught  how  to 
surf  the  Web  safely  says  Ian  Poynter,  chief  : 
security  officer  for  Bit9,  a  security  software 
start-up.  Keep  user  education  simple,  he  says, 
by  sticking  to  the  following  points: 

•  Don’t  download  peer-to-peer  programs  or 
anything  you’re  not  sure  of. 

•  Don’t  click  on  fun  images  like  dancing 
bears. 

•  Don’t  download  freeware  without  first  checking  with  IT. 
The  bottom  line,  is  if  you  don’t  need  it  to  do  your  job, 

don’t  click  on  it. 

How  to  detect  spyware 

Even  if  you  implement  all  those  policies,  spyware  is 
likely  to  get  through.  Until  recently,  the  only  way  to  detect 


How  spyware  gets 
onto  your  network 

Jeff  Horne,  researcher  for  Internet  . 
Security  Systems,  lists  .the  f  ive  sneakiest 
ways  spyware  gets  distributed.  ' 

Masquerading  as  a  legitimate  -//  V 

plug-in  to  run  a  movie  pnnusic  file. 

Masquerading  as  a  browser  helper  f~  / 

object  such  as  a  Google  toolbar 
(used  primarily  in  home  page  redi-  / 
rects).  y  ™ 

-  Hiding  out  in  group  directories  on  peer-to-.peer 
networks  such  as  music-sharing,  and  then  spread-'  . 
ing  itself  by,  infecting  the  directories  of  machines  / 
searching  those  directories  for  their l  music  -selec¬ 
tions. 

-  Tricking  people  into  installing  their  programs. 

Instead  of  saying,  "To  install  this  program,  click 
yes,"  the  prompt  says,  "To  install  this  program, 
please  click  no." 

.  Hijacking  Outlook  e-mail  as  if  it  were  a  browser 
(primarily  for  pop-up  ads). 

How  to  filter  Port  80  traffic 

Because  spyware- installs  and  operates  over  Port 
80.  it  passes  onto  computers  without  notice  from 
the  current  generation  of  firewalls,  says  John 
Pescatore,  vice  president  of  security  research  for 
Gartner. 

Anti-virus/firewall  packages  that  do  sweep  http 
traffic  over  Port  80  for  spyware  patterns  include 
Fortinet  For. gate,  McAfee  Internet  Security  Suite, 
NoftoPfnternet  Security  2004  and  Trend  Micro's 
InterScan  Web  Security  Suite  for  Windows. 

Neither  Trend  Micro  nor  Symantec  offer  spyware 
detection  on  an  enterprise  level.  Norton's  con¬ 
sumer  product  contains  313  spyware  definitions, 
and  Symantec  plans  to  release  the  same  capabil¬ 
ity  in  its  enterprise  software  by  end  of  the  first 
quarter. 

Intrusion  detection  isn't  the  correct  way  to  scan 
for  spyware  because  it  relies  on  attack  signatures 
instead  of  traffic  pattern  analysis,  users  and  ana¬ 
lysts  say. 

"It's  hard  to  catch  spyware  by  looking  for  exploit 
signatures  because  it  installs  on  desktops  through 
ActiveX  plug-ins  and  browser  hplpdr  objects,” 

!/  says  Jeff  Home,  researcher  for  Internet 
^  Security  Systems,  which  makes.; 

RealSecure  intrusion-detection  soft vyare, 
“Spyware  changes  on  a:dav-to.-day 
basis.  You’d-  need  a  team  of  research-. 

\\  r-J  ers  writing  ;signatures  every.day  and  • 

.  'll  ^  still .you'.w5uftnT .be  a.ble-td.fcpqj>'up 
JJ  the  signature  -files."  he  says. 

//  I  nstead,  hhaa^s.  .you'  need  pattern 

recpgftftpnj^^ 

nIV.  .  _  t_i._  - ni.  ••a-..  / .  4T:. 
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.  .  was  to  wait  for  a  user  to  call  the 
:;c!o  desk,  says  Shane  Allen,  network  engi¬ 
neer  f.  v  Special  Devices,  a  Moorpark,  Calif., 

...  i k<  :  of  pyrotechnic  airbag  initiators. 

Users  would  call  and  say ‘i  can’t  open  this 
sis  '  , joesn’t  print.I  can’t  go  to  the  Web.’ So  we 
liD'.!  in  go  to  the  user  and  re-create  what  they 
■  doing,”  Allen  says. “You’d  start  to  see  all 
'different  errors  because  something’s 
Processing  in  the  background.” 

Ailen  moved  to  a  more  proactive  process  in 
March,  when  his  Web-filtering  vendor,  Web- 
sense, added  spyware  to  a  menu  of  behavioral 
blocking  options  in  its  new  product  called  the 
Client  Application  Module  (CAM).  CAM  sells 
tor  $25  per  seat  for  a  1,000-user  installation 
and  plugs  into  Websense’s  central  manager, 
called  Websense  Enterprise. 

With  its  daily  downloads,  Websense  Enter¬ 
prise  catches  most  spyware  before  it  gets  on 
his  network’s  computers,  Allen  says. 

If  spyware  does  get  through,  CAM  prevents 
it  from  executing  through  a  kernel-level  filter 
driver  that  looks  for  categorized  spyware 
behaviors  in  the  outbound  executables. 

In  this  way,  Websense  locates  spyware  that 
has  snuck  past  front-line  defenses.  Nigel  Smithson,  data 
security  officer  for  Boston  Private  Bank,  uses  Websense 
reports  to  determine  what  computers  need  disinfecting. 

“Spyware  is  the  bane  of  my  existence,”  Smithson  says.  He 
used  to  deal  with  spyware  reactively  But  now  he’s  lowered 
his  incidents  of  spyware  on  all  but  home-use  computers 
through  a  combination  of  commercial  tools  and  freeware 
for  a  total  investment  of  about  $2,000. 

“My  way  isn’t  the  be-all,  end-all,”  he  says.  “Anti-virus  goes 
some  way  towards  stopping  spyware.  And  we  use  a  desk¬ 
top  tool  to  clean  it  up  when  we  suspect  there’s  spyware  on 
a  machine.  But  certainly, Web  filtering  prevents  most  of  it.” 


Spyware  vs.  anti-spyware 


Websense’s  Client  Application  Module  blocks  spyware  from  infecting  your 
network.  Websense  Internet  filter  software  can  block  the  peer-to-peer 
connections  and  the  downloading  of  executables  and  applets  associated 
with  spyware.  Agents  on  the  client  and  the  network  alert  the  Websense 
management  tools  to  a  possible  spyware  download,  and  the  software 
tells  the  firewall  to  block  the  spyware  traffic. 
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How  to  remove  spyware 

For  spyware  that  makes  it  past  the  Web  filter,  removal  is 
difficult  without  an  automated  spyware  removal  tool. 
According  to  the  CDT  report  on  spyware,  most  spyware  is 
designed  to  resist  un-installation. 

“Spyware  leaves  behind  stuff  you  can’t  get  rid  of  that’s 
buried  in  places  all  over  the  registry  To  clean  it  means  tear¬ 
ing  down  the  registry  and  knowing  what  files  to  look  into,” 
says  Michael  Wood,  U.S.  representative  for  Lavasoft,  which 
makes  freeware  and  professional  spyware  removal  soft¬ 
ware  called  Ad-Aware.  The  professional  version  sells  for 


$39.95  per  desktop.  Allen  uses  Lavasoft’s 
freeware  version  for  those  times  he 
needs  to  eradicate  spyware  from  an 
infected  machine.  Smithson  also  uses  a 
freeware  product  called  Spybot. 

Smithson  says  he  tried  Ad-Aware,  but 
Spy  Bot  caught  more  spyware  without  a 
lot  of  the  custom  configuration  that  he 
had  to  do  with  Ad-Aware. 

“Because  of  Websense,  we  don’t  need 
to  put  spyware  mitigation  software  com¬ 
panywide.  We  only  use  it  occasionally 
when  someone  has  a  problem, ’’Smithson 
says.  “But  we  do  recommend  that  our 
home  users  install  it  on  their  machines 
and  run  it  in  the  background.” 

Other  products  on  the  market  include 
InterMute’s  SpySubtract,  lolo  Technolo¬ 
gies’  LLC  Mechanic,  Sygate’s  SSE  firewalls 
and  Tenebril’s  GhostSurf  Pro. 

How  to  protect  teleworkers 

Ah  yes,  the  home-user  bugaboo.  Current 
management  tools,  such  as  those  from 
Websense,  don’t  enforce  Web  use  policy 
on  home-use  machines.  So  only  home- 
use  spyware  mitigation  tools  such  as  Spy  Bot  and  Ad-Aware 
can  protect  those  machines  from  spyware. 

“Our  users  take  their  computers  home  and  browse  the 
Web  through  an  uncontrolled  connection.  So  sometimes 
they  have  problems,”  Allen  says.  “We  had  a  high-ranking 
employee  call  and  complain  the  other  day  about  his 
browser  getting  hijacked.  He  was  visiting  some  Web  sites 
in  Thailand,  where  one  of  our  major  suppliers  is  located. 
And  he  got  infected.” 

Raddiff  is  a  freelancer  writer  in  California.  She  can  be 
reached  at  deb@radcliff.com. 
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master  database 
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Spyware  can  be  a  problem  for  even  the  most  savvy  Internet  users.  # 

Ob  Dec.  22,  an  Internet  investigator  got  a  tip  that  child  been  worse.  Some  variants  evoke  dialers  to  call  up  1-900  even  more  mali- 
pornography  was. 'being  housed  on  an  adult -Web  site,  numbers  if  the  victim  is  using  telephone  dialup  for  clous  purposes,  such 


.When  he  visited  the  site  to  verify  the  information,  he  did¬ 
n’t  find  any ‘illegal  images.  But  what  he  did  find  was  a 
.  Trojan  horse  that  disabled  the  ActiveX  security  controls 
qn  bis  browser, and.  took  control  of  it. 

'  ;"i  heard  fa y  hard  drive .  churning  and 

.Clicked'  or  my  task  manager  and  saw 

'ffiim)  -executable  programs  were 

yimstafijno  themselves.”  says  Chris  vPfjrYl 

:;Bfahdoh 'of Brandon  internet  Services.  m  ”' 

Flbknfew  (was  jn  trouble  when  I  couldn't 

(tyst  my  task  manager  to  cancel  the  pro¬ 


as  the  culling  of  credit 

cards  and  passwords,  .#  #  ~ 

Dunham  says. 

“In  the  case  of  the  NorioTrojan,  it  changes  the  registry 
and  the  host  file.”  he  says.  “You  type  in  a  name  like  Micro- 
soft.com,  it  will  redirect  you  to  a  site  they  want  you  to  go 
to.  You  could  make  it  redirect  you  to  a  fake  Citibank.com 
Web  site  and  get  you  to  fill  in  sensitive  information." 

Brandon  removed  the  malicious  code  by  using 
Spywareinfo’s  remediation  kit  called  CWSweep.  (Pest- 
Patrol  also  provides  a  removal  kit.)  He’s  since  been  track¬ 
ing  down  the  IP  addresses  and  domain  names  that  the 
virus  loaded  into  his  registry.  Many  of  the  domain  names 
are  a  variation  of  Coolwebsearch.com. 

“I  want  to  find  the  people  responsible  for  this,  the  affil¬ 
iates  in  collusion  with  this,  and  turn  them  into  Microsoft 
for  that  bounty  it  promises  on  virus  writers,"  he  says. 

With  the  IP  addresses’ and  Web  site  names  so  easy  to 
find,  you’d  think  tracking  the  virus  writers  would  be  easy 
for  someone  with  Internet  tracking  skills.  But  most  of  the 
IP  addresses  Brandon's  investigated  led  to  bogus  host¬ 
ing  providers  and  ano'nymized  administrative  contacts. 
Meanwhile,  the  PestPatro!  report  bn  the  virus  lists  an 


Internet  access. 

“We’re  seeing  more  of  this  type  of  virus  activity  in 
recent  months,"  says  Ken  Dunham,  director  of  malicious 
code, for  Defense,  a  security  intelligence  firm  in  Reston, 
Va.  “Trojans  promote  going  to  certain  pornography  sites 
and  other  sites  they  affiliate  with  because  they  get 
‘  money  for  the  clicks  from  advertisers. They  terminate 
regedit.exe  [registry  editor],  and  they  can  be  very  diffi¬ 
cult’ to  remove." 

Anti-spyware  vendor  PestPatro!  reports  staggering 
growth  over  the  past  few  months  of  the  virus  that 
Symantec  dubbed  Trojan. None.  And  at  least  24  variants 
of  the  virus  now  exist  in  the  wild,  according  to  the  anti- 
spyware  site  Spywareinfo.com. 

Each  variant  is  designed  to  do  something  different.  One 
variant  changes  your. customized  search  settings  to 
'  alihyperlinks.com.  for  example.  Another 
.  ■  r  variant  redirects  ail  searches 

0  through  a  bogus  site  caked 
“  ■ '  •  Goolwebsearch.com.  Another 
••  •  redirects  Verisign’s  Site  Finder  to 


The  .time  .  he  '.checked  his ’,  registry...  the 
k-  .gao  bstaitec!  dozens  of  programs  that, 
iced/ hig. default  Web  page  with  it's  own.  and,. 
B-.its .y-Qw-n  IP  addresses  in  his  -favorite 
?&:|nartCLiteand  safe  zones.  When 'he  tried 
.^.Thkyprqgrarhs  and  reboot  the  machine. 

. 

is-a, perfect  example  of  spyware 


—  Deborah  Radcliff 


Middleware  is  Everywhere 


MIDDLEWARE  IS  IBM  SOFTWARE.  Powerful  software  like 
IBM  WebSphere.®  Using  an  open  and  scalable  foundation, 
WebSphere  software  lets  you  swiftly  respond  to  change.  On 
demand.  Applications  are  easily  updated,  tested  and  deployed. 
Lead  time  is  shortened.  And  everything  clicks,  regardless  of 
platform.  WebSphere  delivers  it  all.  On  the  money.  On  demand 
(©business  on  demancTat  ibm.com/websphere/rniddleware 


1.  New  design  already  tested. 

2.  Suppliers  already  linked. 

3.  Procurement  already  automated 

4.  Blueprints  already  updated. 

5.  Engine  all  ready  for  takeoff. 


WebSphere 


IBM  WebSphere  the  e  business  logo  and  e  business  on  demand  are  registered  trademarks  or  trademarks  of  Intel  national  Business  Machines  Corporation  in  the.Onrtea  States.: 
countries  •  2003  IBM  Corporation  All  rights  reserved.  *.V 
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PATCH  MANAGEMENT 


In  our  test  of  SecurityProfiling’s  SysUp- 
date  4.1.4  with  its  new  Policy  Compli¬ 
ance  and  Enforcement  Module  1.0,  we 
found  that  while  the  product  is  moving  in 
the  right  direction  toward  policy-based 
patch  management,  it’s  still  a  little  rough 
around  the  edges.  Console  reliability  and 
administrative  detail  are  lacking. 

SysUpdate  provides  policy  patch  man¬ 
agement  for  Windows,  Linux  and  some 
Unix  operating  systems,  identifies  the  sys¬ 
tem’s  configuration  and  checks  it  against 
the  defined  policy  Any  discrepancies  can 
be  corrected  immediately  or  queued 
pending  administrator  approval. 

The  best  SysUpdate  feature  we  tested  is 
its  concept  of  Multiple  Path  Remediation 
(MPR).  It  gives  administrators  choices  re¬ 
garding  how  best  to  mitigate  the  risk  for 
some  vulnerabilities  —  install  patches, 
disable  services  or  modify  some  other 
configuration  option.  In  our  testing,  Win¬ 
dows  systems  were  vulnerable  to  the  lat- 


Net  Results 


SysUpdate  4.1.4 

with  Policy  Compliance  and 
Enforcement  Module  1.0 


OVERALL  RATING 

3.18 


Company:  SecurityProfiling,  (888)  645- 
3676,  www.securityprofiling.com  Cost: 
SysUpdate:  $28  per  machine  for  at  least 
1,500  machines;  SysUpdate  PC&E:  $40 
per  machine  for  at  least  1,500  machines. 
Pros:  Supports  Windows,  Solaris,  Red 
Hat  and  Debian  systems  as  clients; 
Multiple  Path  Remediation  provides 
deployment  choices.  Cons:  Only  can  run 
console  on  Windows  systems;  no  agent 
deployment  tool;  OS  identification  not 
always  accurate;  reports  and  con¬ 
figuration  profile  components  are  quirky. 


Patch/policy  detection  30% 

3.5 

Patch/policy  deployment/  enforcement  30% 

3.5 

Usability/administration  25% 

2.5 

Reporting  15% 

3.0 

TOTAL  SCORE 

3.18 

■'  Scoring  Key:  5:  Exceptional;  4:  Very  good; 
7-:  Average;  2:  Below  average;  1:  Consistently 

subpar 


SecurityProfiling  product  offers 
interesting  approach,  but  lacks  polish 


■  BY  MANDY  ANDRESS,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

atch  management  products  are  growing  up.  While  previously  limited  to 
pushing  out  patches  to  vulnerable  Windows  machines,  products  are 
branching  out  to  other  systems  and  letting  users  set  how,  when  and  why 
fixes  need  to  be  applied. 


est  remote  procedure  call  and  Windows 
Messenger  Service  attacks.  Using  MPR,  we 
could  install  the  patch  or  disable  the  ser¬ 
vice.  MPR  is  available  only  for  Windows 
XP  and  2000  with  NT  and  Unix  support 
on  the  way 

SysUpdate  has  three  parts.  SysUpdate 
Server  runs  on  a  Windows  system  and 
serves  as  the  central  repository  for  patch¬ 
es  and  policies.  Each  monitored  mac¬ 
hine  runs  SysUpdate  agent  software  that 
gathers  information  —  such  as  file  ver¬ 
sions  and  MD5  algorithm  hashes  —  and 
pushes  it  to  the  SysUpdate  Server  where 
a  logic  engine  analyzes  this  data  to  deter¬ 
mine  what  patches  are  missing. 

SysUpdate  Console  is  a  Microsoft  Man¬ 
agement  Console  Snap-In  that  can  runs 
on  any  Windows  system.  We  had  prob¬ 
lems  with  the  console  closing  on  us  after 
loading  a  policy  or  running  a  report. 
SecurityProfiling  engineers  attributed 
this  condition  to  network  congestion  sev¬ 
ering  the  client  communication  with  the 
server.  But  our  traffic  was  light,  and  this 
issue  arose  even  while  running  the  con¬ 
sole  directly  on  the  SysUpdate  Server. 

The  agents  automatically  are  polled  at 
predetermined  times  and  configured  as 
part  of  the  group  policy  on  the  server. 
Administrators  also  can  manually  poll 
systems  for  updated  information  from 
the  management  console. 

This  release  of  SysUpdate  does  not 
ship  with  an  automatic  agent  deploy¬ 
ment  mechanism.  SecurityProfiling  has 
developed  a  deployment  program, 
which  should  be  included  in  the  next 
release,  but  currently  is  only  available 
upon  request. 

Another  bump  in  the  testing  was  that 
operating  system  identification  was  not 
always  accurate.  One  of  our  Win  2000 
Server  systems  was  identified  as  running 
Win  2000  Professional. 

We  had  one  of  our  registered  Windows 
agents  disappear  from  the  SysUpdate  sys¬ 
tem.  To  reregister  the  system,  we  had  to 
manually  uninstall  the  agent  and  then  re 
install.  After  agent  installation  (which  re 
quires  a  reboot), the  system  will  report  to 
the  central  server. 

When  identifying  patch  policies,  ad¬ 
ministrators  select  which  programs  to 
support,  including  operating  system,  Mic- 


How  we  did  it 


We  installed  SysUpdate  Server  on  Windows  2000  Server  (256M  bytes  of 
RAM,  1GHz),  staying  with  the  default  Microsoft  Data  Engine  data¬ 
base.  We  installed  the  console  on  two  systems  running  Windows  XP 
Professional  and  two  systems  running  Win  2000  Professional.  We  installed 
agents  on  one  XP  Professional  system,  two  Win  2000  Servers  and  one  Red 
Hat  7.3  system.  The  network  infrastructure  is  a  lOOM-byte  switched  network, 
running  through  a  Cisco  Catalyst  switch. 

After  agent  installation,  we  created  groups  for  each  operating  system  and 
attempted  to  create  patch  and  configuration  policies  for  each  group.  We  then 
deployed  some  of  the  queued  patches  for  each  group  (Windows  and  Linux).  For 
some  patches,  we  went  through  the  Multiple  Path  Remediation  options  and 
opted  to  disable  the  Remote  Procedure  Call  service.  After  deploying  several 
patches,  we  attempted  to  generate  reports. 


rosoft  Virtual  Machine,  SQL  Server  and  a 
long  list  of  other  supported  applications. 
For  Windows  systems,  select  what  your 
mandatory  service  pack  baseline  is  and 
work  from  there.  The  SysUpdate  server 
then  downloads  the  necessary  packages 
(called  a  core  update)  from  the  central 
patch  repository  You  are  limited  in  what 
you  can  do  in  SysUpdate  while  a  core  up¬ 
date  is  in  progress.  For  example,  we 
couldn’t  schedule  a  deployment. 

The  patch-reporting  process  within  Sys¬ 
Update  Server  —  which  dictates  how 
missing  patch  information  is  calculated 
and  displayed  in  the  console  —  could 
use  some  improvement.  If  a  system  did 
not  have  the  baseline  service  pack  in¬ 
stalled  (SP4  for  our  testing),  you  only  re¬ 
ceived  notice  about  that  missing  service 
pack.  You  aren’t  notified  of  what  addi¬ 
tional  patches  are  missing  until  the  ser¬ 
vice  pack  gets  installed.  We  would  have 
preferred  to  see  a  laundry  list  of  things 
that  need  to  be  fixed  as  opposed  to  re¬ 
ceiving  them  piecemeal. 

SysUpdate  can  define  configuration 
profiles.  Before  using  the  profiles,  you 
must  first  define  a  security  template.This 
process  is  not  as  clear  as  it  could  be.  At 
least  one  default  security  template 
should  be  enabled  on  initial  install. Every 
time  we  tried  to  view  a  configuration  pol¬ 
icy  (without  having  a  template  defined), 
the  console  would  hang  and  eventually 
crash  trying  to  load  the  list. 

SysUpdate  includes  a  nice  security  risk 


graphing  system  for  the  groups  you  con¬ 
figure  that  shows  the  risk  level  based  on 
how  far  off  the  systems  are  from  the 
defined  policy  We  would  like  to  see  the 
ability  to  drill-down  to  individual  system 
information  from  this  screen. 

SysUpdate  ships  Crystal  Reports,  but  we 
often  encountered  the  same  console 
crashing  issue  if  we  tried  to  generate  a 
report  on  a  remote  console.  We  success¬ 
fully  generated  reports  with  the  console 
running  directly  on  the  SysUpdate  server. 

Overall,  SysUpdate  offers  some  excel¬ 
lent  ideas  on  how  to  approach  vulnera¬ 
bility  management  based  on  policy  but  it 
needs  a  bit  of  polish  before  it  will  be  real¬ 
ly  useful  in  an  enterprise  deployment. 

Andress  is  president  of  ArcSec  Tech¬ 
nologies,  a  security  company  focusing  on 
product  reviews  and  analysis.  She  can  he 
reached  at  mandy@arcsec.com. 


Global  Test  Allianci 


■  Andress  is  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  in¬ 
dustry,  each  bringing  to  bear  years  of 
practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 


www.nwfusion.com/alliance. 


Middleware  is  Everywhere 


Can  you  see  it? 


Lotus. 

Key 

MIDDLEWARE  IS  IBM  SOFTWARE.  Software  like  IBM 

Lotus®  Workplace.  An  innovative  platform  based  on  open  ; 

1.  Shares  credit  rating.  Now. 

standards  that  combines  multiple  collaborative  applications 

j  2.  Responds  to  mortgage  broker.  Now. 

in  a  single,  dynamic  work  environment.  It’s  one  workplace 

3.  Confers  with  local  branches.  Now. 

tuned  to  individual  roles.  For  real-time  collaboration  Real 

4.  Approves  loan  with  supervisor.  Now. 

business  value.  Flexible  too,  it  leverages  IBM  Lotus  Notes™ 

|  5.  Does  it  all  on  one  platform.  Now. 

L"7 - 

<@ business  on  demand  “at  ibm.com/lotus/middleware 
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Weaving  through  the  red  tape 

IT  executives  learn  the  ropes  of  working  with  IT  oversight  committees  that  examine  their  spending, 


■  BY  PHIL  HOCHMUTH 

Belt-tightening  in  the  public  and  private  sectors  is  prompting 
creation  of  IT  oversight  committees,  which  comprise  non-IT 
staff,  to  formally  review  IT  expenses  and  help  make  better  deci¬ 
sions  for  organizations.  Whatever  form  these  groups  take  —  IT 
oversight  committee,  review  board  or  internal  auditing  board 
—  many  IT  executives  find  that  a  good  relationship  with  these 
groups  can  boost  the  bottom  line  and  make  their  IT  business 
units  more  efficient. 

Shrinking  IT  budgets  have  spurred  more  scrutiny  over  spending.  IT  spending  dipped 
by  5.3%  from  2001  to  2002,  going  from  $387.8  billion  to  $366.8  billion. Technology  buy¬ 
ing  got  a  slight  1.5%  boost  last  year,  with  2003  expenditures  estimated  at  $372  billion, 
according  to  1DC.  While  spending  might  be  on  somewhat  of  a  rebound,  budgets  remain 
tight  —  IDC  expects  spending  to  be  flat  this  year  in  many  of  the  economically  hard-hit 
vertical  markets  such  as  manufacturing, state  government, education  and  transportation. 

The  practice  of  setting  up  committees  of  non-technical  executives  to  formally  review 
IT  expenditures  seems  to  be  taking  hold  in  many  companies.  Last  October  at  a  confer¬ 
ence  of  CIOs  in  New  York,  A&R  FedEx  and  Mellon  Financial  were  among  the  firms  that 
said  they  were  in  the  process  of  establishing  so-called  IT  oversight  committees. 

To  CIOs  at  public  institutions  such  as  universities  and  hospitals,  IT  oversight  is  now  a 
way  of  life.  At  Arizona  State  University  (ASU),  however,  there  was  apprehension  in  the  IT 
department  about  the  establishment  of  a  formal  IT  oversight  committee,  says  William 
Lewis,  vice  provost  and  CIO  at  theTempe  institution.  But  the  IT  department  did  not  have 
a  choice  because  the  state  of  Arizona  passed  legislation  requiring  that  all  government 
organizations  have  a  formalized  IT  spending  review  process. 

In  spite  of  this  apprehension,  the  state  of  Arizona’s  Board  of  Regents  —  which  oversees 
ASU;  its  cross-town  sister,  the  University  of  Arizona;  and  Northern  Arizona  University  in 
Flagstaff  —  established  such  a  committee  in  2000.The  Board  of  Regents  reviews  IT  pur¬ 
chases  of  more  than  $250,000.  Internal  review  groups  at  the  schools  review  lower-lever 
expenditures. 

The  committee  wasn’t  initially  met  with  enthusiasm. “We  went  in  kicking  and  scream¬ 
ing  at  first,”  Lewis  says. “There  was  talk  that  they’d  be  constantly  looking  over  our  shoul¬ 
der,  fear  of  more  paperwork  and  red  tape  . . .  typical  things  that  come  up  when  changes 
at  this  level  are  made. Then  we  settled  down  and  realized  that  in  the  long  run,  our  best 
interest  was  to  have  a  good  relationship  with  the  board.” 

Because  of  his  good  relationship  with  the  committee,  Lewis  says,  he  has  flexibility  to 
operate  his  department  and  take  care  of  unexpected  costs  without  suffering  from 

bureaucratic  setbacks.  For  example,  a  recent  disk  array 
failure  in  the  data  center  required  an  immediate 
replacement.The  cost  normally  would  have  required  a 
committee  stamp,  but  he  went  ahead  and  purchased 
the  needed  equipment  without  consulting  the  group. 

“They  are  willing  to  forgive  us  and  accept  when  we 
occasionally  do  things  out  of  policy?’  Lewis  says.  “We 
know  they’re  not  trying  to  be  a  roadblock.That’s  due  to 
a  mutual  respect  and  trust.” 

He  says  that  a  beneficial  side  effect  of  having  the  IT 
oversight  committee  is  that  IT  groups  among  the  three 
universities  now  have  a  better  picture  of  what’s  going 
on  at  the  other  schools.  Recently,  ASU  and  the 
University  of  Arizona  embarked  on  a  joint  upgrade  of 
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their  accounting  systems,  a  project  that  would  have  been  harder  to  undertake  before  the 
formal  IT  oversight  structure  was  established. 

A  key  to  managing  the  relationship  between  the  ASU  IT  group  and  the  Board  of 
Regents’  oversight  committee  is  communication,  Lewis  says.  It  was  a  challenge  at  first 
because  committee  members  typically  lack  technical  backgrounds.  “Sometimes  you 
have  to  be  very  careful  of  four-letter  acronyms  and  jargon,”  Lewis  says  of  dealing  with  the 
board.“We  try  to  boil  the  issues  down  and  have  a  formal  presentation  format.” 

This  is  an  approach  also  taken  by  Dan  Moreale,  CIO  for  the  North  Bronx  Healthcare 
Network  (NBHN).“If  I  talk  about  our  need  for  a  Gigabit  Ethernet  upgrade  or  that  we 
need  more  terabytes  of  storage  for  our  imaging  system,  that  means  nothing  to  them,” 
Moreale  says.“Our  chief  operating  officer,  for  instance,  is  a  big  baseball  guy  . .  .some¬ 
times  I  put  it  into  baseball  terms.”  When  appealing  for  money  for  a  recent  network 
upgrade,  Moreale  sprinkled  his  presentation  with  such  phrases  as  “bottom  of  the  ninth” 
and  “bring  in  the  winning  run.”  While  a  bit  hokeythe  CIO  admits,  this  gets  results. 

Because  the  city  of  New  York’s  Health  and  Human  Services  division  governs  NBHN, 
there  is  no  shortage  of  red  tape  sticking  to  NBHN’s  IT  group,  Moreale  says.This  equals  sev- 
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eral  levels  of  IT  spending  oversight,  including  a  hospital  board  for  IT  spending  approvals 
and  a  “capital  committee”  for  the  higher-ticket  IT  purchases.  Doing  the  homework  and 
prepping  individual  board  members  before  facing  the  whole  group  is  crucial. 

“1  never  go  in  and  ask  for  money  if  I  haven’t  spent  at  least  a  few  months  building  a  case 
for  a  certain  project,”  Moreale  says. 

While  working  with  board  members  and  fine-tuning  the  message  is  important, 
Moreale  says  CIOs  in  his  situation  still  have  to  resign  themselves  to  the  downside  of 
heavy-handed  IT  oversight  —  waiting. 

“Noting  gets  done  around  here  in  less  than  six  months,” he  adds.“That’s  just  the  way  it  is." 

Another  healthcare  IT  executive,  Jim  Olson,  CIO  at  Waterbury  Hospital  in  Waterbury, 
Conn., agrees  that  garnering  support  from  IT  oversight  board  members  before  meetings 
is  important. 

“If  I  go  in  there  and  have  someone  else  saying  we  need  a  technology,  and  it’s  not 
just  coming  from  me,  that  can  be  helpful,”  Olson  says.  “Getting  people  on  your  side 
before  meetings  will  keep  things  from  turning  into  a  ‘let’s  grill  the  CIO’  session  — 
most  of  the  time.”B 
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Yes,  you  can  Switch 
Power  over  the  Internet... 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

85  Web  Browser  Access  for  Easy  Operation 
m  Tei'net  and  Serial  Access 
m  Encrypted  Password  Security 
SI  Five  Individual  Outlets 
m  Power-up  Sequencing 

■  On  /  Off  /  Reboot  Switching 
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Custom  Management  Levels 


OBSERVER 

•Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  "Real-time  statistics 

EXPERT  OBSERVER 

•  Wbat-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 

OBSERVER  SUITE 

Complete  SNMP  device  management 

•  Supports  full  RM0N1,  RM0N2.  HCRM0N 

•  Web  Publishing  Reports 

•  V, ■  - .  '  .-:V, 


AKE  IT  HAPPE 
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Remote  &  Hardware  Options 


Test-drive  the  new  Observer  9.0  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traf  : 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 
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GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4GB  packet  capture  buffer 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP,  RM0N  and  now  HCRM0N  support 


REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 


Introducing  Observer  9.0 
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A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  iocated  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


UltraLink™ 

REMOTE  KVM  ACCESS  OVER 
ETHERNET  OR  DIAL-UP 


•  Connect  to  remote  computers  over  Ethernet  or  dial-up 

•  Single,  dual,  quad  models 

•  Up  to  1280x1024  resolution,  supports  all  platforms 

•  Scaling,  scrolling,  and  auto-size  features 


UltraConsole 

PROFESSIONAL  SINGLE-USER  KVM  SWITCH 
SUPPORTS  UP  TO  1000  COMPUTERS 

•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 


Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
Known  for  their  quality,  scalability,  ease  of  use 


•  Easy  to  install,  give  it  an  IP  address  and  run  the  remote  client,  no  •  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

licensing  required  •  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Quad  screen  mode  allows  you  to  see  four  servers  from  one  screen  •  Free  lifetime  upgrade  of  firmware 

•  Secure  encrypted  operation  with  login  and  computer  access  control  •  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for 
automatic,  simultaneous  booting 

•  Easy  to  expand 


and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 
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REMOTE  MULTIPLE  USER  KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


•  Connects  1000  computers  to  multiple  user  stations  over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer  access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 


Vista"  &  Vista-Mini 

LOW  COST  SINGLE-USER  KVM  SWITCH 
SUPPORTS  UP  TO  64  COMPUTERS 


Low  cost  and  easy  to  use 
Saves  physical  space,  equipment  and  power  costs, 
reduces  clutter 

Available  in  two  different  styles 

•  DB25  connectors,  use  Rose  UltraCable,  supports 
USB 


•  PC  connectors,  use  a  separate  cable  for  keyboard, 
mouse,  and  monitor 

•  Front  panel  LEDs  show  power  &  connection  status 

•  Heavy-duty  steel,  fully  shielded  chassis 

•  Rackmountable 
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CrystalView  Plus" 
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•  PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

•  Advanced  visual  interface  (AVI) 
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•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 
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•  VGA,  PC,  Sun,  Serial,  Audio,  and  Mini  versions 

•  Available  in  2  models: 

•  Single  Access  -  Extends  keyboard,  monitor,  and  mouse 
50  to  1,000  feet  away 

•  Dual  Access  -  Allows  you  to  add  a  second  keyboard, 
monitor,  and  mouse  to  the  local  unit 

•  Fully  buffered  signals  to  ensure  consistent  remote  operation 
of  your  PC 

•  CrystalView  Plus 

•  Available  in  single,  dual,  and  quad  video  models 

•  Video  resolution  up  to  1600  x  1200 
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EQUINOX 

art  Avocent  Company 


Your  key  to  console  access 
and  management. 


AVWorks™  management  software  and 
the  CCM  console  manager  integrate 
with  Avocent's  KVM-over-IP  switches 
and  intelligent  power  controllers  to 
offer  total  data  center  management 
from  a  single  application. 


Power 


Control 


Devices  in  Rack 


Linux  Server 


Windows  Server 


Unix  Server 


Switch 


Local  or  remote 
console  access. 
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Router 


CCM1G40 
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SSH 
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Console  Port  Management 

When  business  critical  servers  or  networks 
malfunction,  the  Equinox  CCM  console  manager 
gives  you  the  tools  to  securely  and  quickly 
restore  normal  functionality. 


Download  your  free  guide! 

8  Key  Reasons  Why  Administrators 
Rely  on  Equinox  Console  Port 
Management  Solutions  at 
www.equinox.com 
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■  SSH  v2/Telnet  host 
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■  Offline  buffering 
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■  Point  and  click  access 


With  the  CCM  you  can: 

■  Be  organized 
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■  Manage  users 

■  Establish  permissions 

■  Be  proactive 

■  Log  critical  events 


For  a  30-day  product  evaluation,  call  1-800-275-3500 
ext.  247  or  954-746-9000  ext.  247 


Available  in 
8  and  16-port 
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•  Built-in  Barcode  Badge  Reader 


•  Customizable  Data  Collection 
Program  Included  jgfe 

■  Larger  keyboard  and 
display  sizes  available  ■ 
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HCL  TECHNOLOGIES  AMERICA,  INC. 

HCL  Technologies  America.  Inc.  and  its  affiliate  companies, 
like  HCL  Technologies  (Illinois)  Inc.,  and  HCL  Technologies 
(Mass.)  Inc.,  have  multiple  openings  at  its  offices  in 
Sunnyvale.  CA;  Stamford  CT;  Plano  TX;  Florham  NJ,  Irvine 
CA,  Vienna,  VA,  Boston,  MA.  Chicago,  IL,  Detroit,  Ml  as  well 
as  project  sites  throughout  the  United  States  for  the  following 
positions: 

Software  Engineers 
Programmer  Analysts 
Systems  Analysts 
Database  Administrators 
Systems/Network  Administrators 
Project  Managers 

Account  Managers/Sales  Managers/Business  Managers 

Sales  Engineers 

Industrial  Engineers 

Market  Research  Analysts 

Management  Analysts 

Salary  will  be  commensurate  with  education  and  experi¬ 
ence.  All  positions  may  involve  travel  or  relocating  to  vari¬ 
ous  client  sites  through  out  the  US. 

For  consideration  please  send  your  resume  to: 

HCL  Technologies  America,  Inc. 

Attn.:  HR  Dept.  (Computerworld  Ad.) 

330  Potrero  Avenue 
Sunnyvale,  CA  94085 
Email:  cwjobs@hcltech.com 

Please  indicate  the  location  and  the  position  you  are 
applying  for. 

www.hcltechnologies.com 


Quality  Control  Engineer:  Under 
direct  supervision  help  to  ensure 
the  integrity,  stability,  usability 
and  scalability  of  all  company 
software  applications.  Assist  in 
white  box  and  black  box  testing 
and  perform  manual  and  auto¬ 
matic  testing  with  industry  stan¬ 
dard  scripting  languages. 
Perform  basic  programming  in 
C++  or  Visual  Basic.  Perform 
manual  testing  with  the  help  of 
student  interns.  Requirements 
include  a  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Mathematics,  an  Engineering 
discipline  or  related  field  and 
one  year  of  experience  in  the  job 
offered  or  related  field  of  com¬ 
puter  support.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States. 
Salary  $55, 952/year.  40 

hours/wk.  Respond  with  two 
copies  of  resume  to  Case 
#200203405,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston,  MA  02114 

Programmer/Analyst  needed  for 
Software  Development,  Ser¬ 
vices  &  BPO  firm  located  in 
Burlington,  VT.  Job  duties  in¬ 
clude:  Analyze,  develop,  code, 
test  and  implement  computer 
software  applications/systems  in 
client  server  and  web-based 
environments  for  clients  located 
along  the  east  coast.  Develop 
systems  to  assist  in  content  and 
data  management.  Use  JSP, 
Java,  Oracle  and  Windows  NT. 
Perform  work  as  part  of  a  team 
under  direct  supervision.  Appli¬ 
cant  must  have  B.S.  degree  in 
Computer  Science,  Business, 
Mathematics  or  Engineering. 
Degree  based  upon  combination 
of  academics  and  experience  is 
acceptable.  Applicant  must  also 
have  2  yrs.  exp.  in  the  job  duties 
described  above  or  in  any  com¬ 
puter  related  occupation  which 
includes  the  skills  listed  above. 
40hrs/wk,  8:00am-5:00pm,  Mon- 
Fri,  $52,936/yr.  Send  resumes 
to:  Job  No.  612531,  P.O.  Box 
488,  Montpelier,  VT  05601- 
0488. 

Programmer/Analyst 

Location:  Simpsonville,  South 
Carolina.  Must  be  able  to  de¬ 
sign,  develop  and  test  computer 
programs,  applying  knowledge 
of  programming  techniques  and 
computer  systems.  Will  be  re¬ 
sponsible  for  installation  of  soft¬ 
ware  and  providing  technical 
assistance  to  program  users. 

Must  have  Masters  degree  in 
Computer  Science.  Must  have 
experience  with  object-oriented 
programming,  the  software  de¬ 
velopment  lifecycle,  relational 
databases  and  the  latest 
Microsoft  development  tools. 
Relocation  would  be  at  appli¬ 
cant's  expense.  To  apply  please 
submit  resumes  to:  Castle 
Solutions,  Inc  114  Sandhurst 
Drive,  Simpsonville,  SC  29680. 

JUNIOR  SYSTEMS  ADMINIS- 
TRATOR-Financial  manage¬ 
ment  firm  seeks  Junior  Systems 
Administrator  for  its  250  nodes 
Linux  cluster  for  trading  pro¬ 
grams.  Duties  include  cluster 
administration  (building  Linux 
kernels,  building  packages,  log- 
file  analysis,  writing  automation 
scripts,  monitoring  nodes,  per¬ 
formance  tweaking  &  trou¬ 
bleshooting)  &  management  of 
in-house  support  infrastructure, 
including  daily  administration  of 
users  50PCs  and  250  Sun 
machines,  utilizing  UNIX. 
Backup  administration  using 
Legato  Networker  with  600+ 
tapes.  Bachelor's  degree  in 
Computer  Science  or 

Engineering  (any  field)  and  at 
least  6  month  experience 
required.  Salary  according  to 
experience.  Mail  resume  to 
RTC,  600  Route  25A,  East 
Setauket,  NY  11733,  Attn.  JR. 

Computer  Professionals 
(Multiple  Openings) 

Software  Engineer/Systems 
Analyst/Database  Administra¬ 
tor/Network  Administrator 

Chatham,  IL. 

Must  have  bachelors  degree 
or  equivalent  and  experience 
in  some  of  the  following 
skills:  C/C++.  Java,  Web  Meth¬ 
ods,  Cold  Fusion.  Microsoft 
Technologies  (Visual  Basic, 
.NET,  ASP)  CRM  (Siebel,  Clar¬ 
ify,  Vantive),  Middle  Ware  Tech¬ 
nologies  (Orbix,  Corba,  Tibco, 
Vitria)  Data  Ware  Housing  Tools 
(Informatics,  Data  Stage,  Abini- 
tio,  Business  Objects,  Cognos, 
Micro  Strategy,  Brio)  ERP  (SAP, 
People  Soft.  Oracle  Apps, 
Baan),  Mainframe  (Cobol,  CICS, 
JCL,  VSAM)  AS400,  Ecom- 
merce,  Databases  (SQL  Server/ 
Oracle/DB2/Sybase),  Microsoft 
Windows(95/98/NT/2000.Excha 
nge),  UNIX  (Sun  Solaris,  HP, 
AIX),  Linux  and  QA  (Win  Run¬ 
ner,  Load  Runner,  Silk,  Quick- 
pro,  Manual  Testing). 

Position  requirement:  Must  be 
willing  to  travel  and  /or  relo¬ 
cate  per  project  specification. 

Mail  your  resumes  to:  iobs@ 
amsolinc.com 

or 

Human  Resource  Director, 
American  Solutions  Inc, 

145  North  Market  Street,  Suite  1 
Chatham,  IL  62629-1326. 


Programmer/Analyst  needed  for 
Software  Development,  Servic¬ 
es  &  BPO  firm  located  in  Bur¬ 
lington,  VT.  Job  duties  include: 
Analyze,  develop,  code,  imple¬ 
ment  and  test  computer  soft¬ 
ware  applications/systems  in  a 
mainframe/legacy  environment 
for  multiple  clients  located 
throughout  the  East  coast. 
Projects  include  development 
and  conversion.  Use  COBOL, 
PL/SLQ,  DB2,  VSAM,  JCL,  and 
UNIX.  Perform  work  as  part  of  a 
team  under  direct  supervision. 
Applicant  must  have  B.S.  de¬ 
gree  in  computer  science,  engi¬ 
neering,  math,  or  business. 
Applicant  must  also  have  2  yrs. 
exp.  in  the  job  duties  listed 
above  or  in  any  computer  relat¬ 
ed  occupation  which  includes 
the  skills  listed  above.  40hrs/ 
wk,  8:00am-5:00pm,  Mon-Fri, 
$52,936/yr.  Send  resumes  to: 
Job  No.  612582,  P.O.  Box  488, 
Montpelier,  VT  05601-0488. 


SENIOR  PROGRAMMER/ANA¬ 
LYST  to  analyze,  design,  devel¬ 
op,  implement  and  maintain 
web-based  application  software 
in  a  client/server  environment 
using  object-oriented  method¬ 
ologies,  C,  C++,  VC++,  MFC, 
SQL  Server,  InstallShield,  XML, 
HTTP,  ATL,  STL,  COM/DCOM, 
Java,  J2EE  and  WebLogic  un¬ 
der  Windows  NT/2000  operating 
systems.  Require:  B.S.  degree 
in  Computer  Science,  an  Engin¬ 
eering  discipline,  or  a  closely  re¬ 
lated  field  with  2  yrs  of  exp.  in 
the  job  offered  or  as  a  Software 
Engineer.  Extensive  travel  on 
assignment  to  various  client 
sites  within  the  U.S.  is  required. 
Competitive  salary  offered. 
Apply  by  resume  to:  Debra 
VanderMeer,  Chutney  Technolo¬ 
gies,  Inc.,  11  Piedmont  Center, 
3495  Piedmont  Rd,  Ste  289, 
Atlanta,  GA  30305;  Attn:  Job  AP 


COMPUTER  SYS 

ADMINISTRATOR  want¬ 
ed  by  Refurbishing  comp 
in  S.  Hackensack,  NJ. 
Must  have  Bachelor's 
Degree  or  Equiv  in  Comp 
Sci,  Math  or  Elec  Engg  + 
Exp.  Respond  to:  Teamex 
Corporation,  10  Horizon 
Blvd.,  S.  Hackensack,  NJ 
07606.  Attn:  J.  Lee 


it  careers.com 


Programmer  Analyst,  Senior  in 
Chicago,  IL  to  plan  &  implement 
Enterprise  Resource  Planning 
using  JDE  Tool  set,  Enterprise 
Report  writer  and  using  JD 
Edwards  One  WorldXPI  & 
World  Technology  tools;  design, 
develop  &  maintain  various  3rd- 
party  products  interfacing  w/ 
JDEdwards  syst.  (updates, 
security  maintenance  and 
admin);  Provide  3rd  level  tech 
support  including  Help  Desk  and 
tech  support  staff  in  trouble 
shooting  issues;  Monitor  JDE 
systems  including  diagnosis  and 
implement  solutions;  coordinat¬ 
ing  JDE  systems,  third  party 
operational  requirements  with 
overall  IS  operations  and  cus¬ 
tomer  requirements;  Maintain 
up-to  date  documentation  for 
JDE,  including  admin,  functions; 
Train  other  IS  personnel  in  the 
use  and  support  of  JDE  and 
third  party  products.  Req's  B.S. 
in  Comp.  Sci.,  Compl  Appl.  or 
Elect.  Eng.,  and  prior  experi¬ 
ence  as  a  Programmer  Analyst. 
Also  req's  expertise  in  JDE  One 
World  Technology  and  in  devel¬ 
opment/maintenance  of  financial 
planning  applications.  Send 
resume  to  Equity  Office 
Properties,  CJ  1128  2  N. 
Riverside  Plaza,  Chicago,  IL 
60606. 


COMPUTER  PROFESSIONALS 

Opportunities  for: 

•  PROCESS  CAPABILITY 
ANALYST 

•  QC  ANALYST 

•  WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 

SKILLS: 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  ■  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM.  DCOM  •  JSP  •  HTML 

•  JAVA,  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES  •  XML.UML 

•  MTS  •  CLARIFY  -  PERL 

•  OBJECTPERL • SPYPERL 

•  SMALLTALK  •  PUSQL 

•  VISUAL  AGE  •  COBOL,  SPL, 
UNIX 

Visit  our  website  @ 
www.computerhorizons.com 

Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr.,  Computer  Horizons 
Corp..  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000.  E-mail:  jobs® 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F, 


Sr.  DBA.  Planning,  capacity 
modeling,  design,  validating, 
tuning,  supporting  &  maintaining 
large  (500G+)  CRM  database 
hosted  in  SQL2000  ASP  model 
(clustered).  Design  &  validate 
customer  req.  to  meet  9999 
Service  Level  Agreements 
Req.  BS  comp  sci  or  related  &  4 
yrs  exp.  as  DBA  with  2  yrs  sup¬ 
port  large  CRM  DB  &  clustered 
tech.  SQL2000  using  MS. 
Dot.net,  including  modeling, 
design,  validating,  support  & 
maintenance.  Perm  workers 
only.  Resumes  to:  K  Cramer, 
Reynolds  and  Reynolds,  P.O. 
Box  2608,  Dayton,  OH  45401. 


Software  Engineers  for  Nap¬ 
erville,  IL  office.  Develop  soft¬ 
ware  applications  using  C, 
C++,  VB,  Delphi,  ASP,  XML, 
UML,  Coolgen,  Interwoven, 
Oracle,  PL/SQL,  Developer 
2000  &  Designer  2000. 

Bachelors  or  equivalent  req'd 
in  Computers,  Engineering, 
Math  or  related  field  of  study 
+1  yr  of  related  exp.  40 
hrs/wk.  Must  have  legal  auth¬ 
ority  to  work  permanently  in 
the  U.S.  Send  resume  to  HR 
Manager,  Softsol  Resources, 
Inc.,  48383  Fremont  Blvd,  Ste 
116,  Fremont,  CA  94538. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis/Collierville,  TN:  Senior 
Technical  Analyst.  Research, 
evaluate,  implement  and  coordi¬ 
nate  changes  to  computer  sys¬ 
tems/applications.  Require¬ 
ments:  Bachelor's  degree"  or 
equivalent  in  computer  science, 
math,  engineering  or  related 
field  plus  5  years  of  experience 
in  systems/applications  develop¬ 
ment,  including  programming. 
Experience  with  Java,  Jkarta 
Struts  architecture  and  Web- 
Logic  application  server  technol¬ 
ogy  also  required.  "Master's 
degree  in  appropriate  field  will 
offset  2  years  of  general  experi¬ 
ence.  Submit  resumes  to  Sibi 
George,  FedEx  Corporate  Ser¬ 
vices,  1900  Summit  Tower  Blvd., 
Suite  1400,  Orlando,  FL  32810. 
EOE  M/F/D/V. 


PROGRAMMER  ANALYSTS 
for  Naperville,  IL  office.  Devel¬ 
op  &  maintain  software  appli¬ 
cations  using  Oracle,  SQL 
Server,  Erwin,  Linux,  Sybase, 
XML,  UML,  Interwoven,  Cool¬ 
gen,  ClearCase,  ClearQuest, 
Plumtree,  PVCS,  UNIX.  Bach¬ 
elors  Degree  reqrd  in  Com¬ 
puters,  Engineering,  Math  or 
related  field  of  study  +  2yrs  of 
related  exp.  40  hrs/wk;  Must 
have  legal  authority  to  work 
permanently  in  the  U.S.  Send 
resume  to  HR  Manager, 
Globalways,  Inc,  39176  B, 
State  St,  Fremont,  CA  94538. 


F/T  Instructional  Technology 
Support  Specialist.  Responsible 
for  performing  and  arranging 
repair  and  replacement  of  tech¬ 
nology  equipment  and  network 
in  the  assigned  division. 
Research  and  develop  solutions 
to  hardware/software  issues. 
Educational  background  must 
have  included  training  in  basic 
network  functions,  hardware  and 
software,  Power  Quest  Deploy 
Center,  Windows  CE/IPAQ  sup¬ 
port,  configuring  wireless 
802.11b  technology,  Banner, 
Peoplesoft  and  Windows  2000 
Server.  Must  have  a  BBA  in 
Computer  Based  Information 
Systems.  Salary:  Competitive. 
Send  resumes  to:  Dr.  Dwight 
Call,  GA  College  &  State  Univ., 
CBX  049,  Milledgeville,  GA 
31061. 


Want  a  new 
IT  career? 


Check  out  our  jobs 
in  the  combined 
CareerJournal.com 
database. 


www.itcareers.com 


A  Call 
To  Action! 

Take  the  hassle  out  of 
searching  for  the  right 
candidate  and  contact  us 
at  (800)  762-2977. 

A 

We  can  place  your 
message  in  front  of  2/3  of 
all  US  IT  professionals. 

Call  (800)  762-2977 
www.itcareers.com 
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SENIOR  PROGRAMMER/ 

ANALYST 

Werner  Enterprises,  Inc. 

Duties:  Analyze,  design,  modify, 
develop  and  implement  software 
programming  applications;  par¬ 
ticipate  in  requirements  gather¬ 
ing,  testing  and  code  reviews; 
provide  technical  support  and 
other  development-related  dut¬ 
ies. 

Education  &  Training:  Bach¬ 
elor’s  degree  in  Computer  Sci¬ 
ence  or  a  related  field. 

Experience:  Working  knowl¬ 
edge  of  Java  Servlets,  XML/ 
XSL.  SQL.  EJB  2.0,  JMS  and 
JDBC;  three  (3)  years  J2EE 
development  experience  in  a 
corporate  environment. 

Hours  &  Wages:  40  hours/ 
week;  $83. 000/year 

Reference:  Persons  interested 
in  this  position  may  send  corre¬ 
spondence  to: 

Alberta  Goode 
Human  Resources 
Werner  Enterprises,  Inc. 
14507  Frontier  Road 
Omaha,  NE  68145-0308 

Please  reference  code  #  6312 

Position  is  located  in  Omaha, 
Nebraska.  No  assistance  with 
relocation  expenses  is  offered 
by  the  Company.  Applicant 
must  have  proof  of  legal 
authority  to  work  in  the  United 
States. 


Software  Development  Engineer 
(Denver)  -  Design/develop/ 
code/test/debug  new  complex 
software/make  significant 
enhancements  to  an  Intranet 
Application  used  to  manage  ser¬ 
vice  orders  by  the  internal 
Interconnect  Service  Center  on 
a  Sun  Solaris  platform  utilizing 
Java  &  JAVA  Servlets.  Use 
HTML  to  interface  w/  service 
orders  and  JDBC  to  access  an 
Oracle  database.  Interface  with 
legacy  systems  using  XML  and 
employ  CORBA  technology  for 
instant  user  notifications. 
Perform  maintenance  on  exist¬ 
ing  software.  Develop  solutions 
across  many  disciplines  &  be 
responsible  for  explaining  solu¬ 
tions  &  procedures.  Apply  prin¬ 
ciples/theories/concepts  &  use 
methodologies/tools/documen¬ 
tation  processes/test  proce¬ 
dures  to  complete  projects  relat¬ 
ed  to  moderately  complex  soft¬ 
ware.  BS  Comp.  Sci.,  Eng.,  or 
related  field.  2  yrs.  exp  as 
Software  Eng.,  IT  Consultant,  or 
Computer  Eng.,  $71,393/yr,  M-F 
8-5,  working  &/ or  theoretical 
knowledge  of:  Java,  JAVA 
Servlets,  JDBC,  Oracle,  XML, 
HTML,  Sun  Solaris,  &  CORBA. 
Apply  by  resume  only  to 
CODOL,  Two  Park  Central, 
1515  Arapahoe  St.,  Suite  400, 
Denver,  CO  80202;  Ref.  job 
order#  CO5065672. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Operations  Re¬ 
search  Analyst.  Using  opera¬ 
tions  research  methods,  analyze 
broad  and  complex  corporate 
problems/projects.  Requiremen¬ 
ts:  master's  degree'  or  equiva¬ 
lent  in  operations  research,  ap¬ 
plied  mathematics,  engineering 
or  other  quantitative  field  plus  4 
years  of  experience  in  systems 
analysis,  engineering,  applied 
mathematics  or  related  field.  Ex¬ 
perience  with:  developing  algo¬ 
rithms  using  either  C/C++,  Java 
or  CPLEX;  researching  and  de¬ 
veloping  optimization-based  and 
heuristic  models  for  large-scale 
network  problems;  and  statisti¬ 
cal  modeling  and  data  analysis 
using  statistical  software  also 
required.  'Ph.D.  in  appropriate 
field  will  offset  3  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Michael  Umlauf,  Federal 
Express  Corporation,  3680 
Hacks  Cross  Road,  H-2220, 
Memphis.  TN  38125.  EOE 
M/F/DA/. 


Consultant:  Consult  with  clients 
to  define  need  or  problem;  ana¬ 
lyze  requirements  and  data  to 
advise  on  and  recommend  solu¬ 
tions;  design,  develop,  imple¬ 
ment,  code,  test,  maintain, 
administer,  and  document  soft¬ 
ware  applications  and  systems; 
perform  business  analysis  to 
develop  software  applications; 
perform  all  aspects  of  creating 
information  technology  solutions 
including  database  design  and 
development,  object  oriented 
design  and  development,  and 
Human-computer  interfaces. 
Bachelor's  degree  or  foreign 
academic  equivalent  in  Manage¬ 
ment  Information  Systems  or 
Computer  Science  and  six 
months  experience  in  the  posi¬ 
tion  offered  or  six  months  of 
experience  as  a  Consultant  re¬ 
quired.  Experience  in  related 
occupation  must  include  per¬ 
forming  business  analysis  to 
develop  software  applications 
and  experience  performing  all 
aspects  of  creating  information 
technology  solutions  including 
database  design  and  develop¬ 
ment  (data  layer),  object  orient¬ 
ed  design  and  development 
(application  layer),  and  Human- 
computer  interfaces  (presenta¬ 
tion  layer).  40  hrs./wk.;  8:00am  - 
5:00  pm.  $47, 000/year.  Must 
have  proof  of  legal  authority  to 
work  in  the  U.S.  Send  your 
resume  to  the  Iowa  Workforce 
Center,  215  Watson  Powell  Jr. 
Way,  Suite  100,  Des  Moines, 
Iowa  50309-1727.  Please  refer 
to  Job  Order  1101836.  Employ¬ 
er  paid  advertisement. 


Software  Engineer  for 
Tewksbury,  MA  based  developer 
of  software  products  for  J2EE 
web  applications,  portlets  and 
web  services.  Requires 
Bachelor  of  Science  degree  in 
Computer  Science,  Computer 
Engineering  or  related  area  and 
one  (1)  year  experience  in 
object  oriented  design  of  web- 
based  software  applications 
using  Java.  JSP,  XML  and  rela¬ 
tional  databases  including  con¬ 
figuring  production  deployment 
environments,  conducting  soft¬ 
ware  requirement  analysis,  per¬ 
forming  unit  testing,  developing 
software  QA  processes,  creating 
product  and  technical  documen¬ 
tation  and  providing  customer 
support.  The  position  is  located 
in  Tewksbury,  MA  with  15%  trav¬ 
el.  Send  resume  to  Bowstreet, 
Inc.,  Human  Resources,  Ad 
Code:  0492,  200  Ames  Pond 
Drive,  Tewksbury,  MA  01876. 


SENIOR  PROGRAMMER/ANA¬ 
LYST  to  analyze,  design,  devel¬ 
op  and  maintain  web-based  ap¬ 
plication  software  in  a  client/ser¬ 
ver  environment  using  object- 
oriented  methodologies,  C,  C++, 
Java,  JDBC/ODBC,  Java  RMI, 
CORBA,  JVM,  Jbuilder,  CVS, 
WebLogic,  WebSphere  and 
iPlanet  under  UNIX  and  Win¬ 
dows  operating  systems.  Re¬ 
quire:  B.S.  degree  in  Computer 
Science/Engineering,  or  a  close¬ 
ly  related  field  with  2  yrs  of  exp. 
in  the  job  offered  or  as  a  Sys¬ 
tems  Analyst.  Extensive  travel 
on  assignment  to  various  client 
sites  within  the  U.S.  is  required. 
Competitive  salary  offered. 
Apply  by  resume  to:  Debra 
VanderMeer,  Chutney  Technolo¬ 
gies,  Inc.,  11  Piedmont  Center, 
3495  Piedmont  Rd,  Ste  289, 
Atlanta.  GA 30305;  Attn:  Job  SN. 


Systems  Analyst.  Design,  im¬ 
plement  &  test  computer  net¬ 
work  protocols  and  systems 
using  TCP/IP  stack,  routing, 
media  access  protocols,  QoS 
&  ATM  with  C  &  C++.  Also  test 
protocol  conformance  with 
RFC  standards.  Require¬ 
ments:  Masters  in  Computer 
Science  or  Computer  Engin¬ 
eering  or  Electrical  Engineer¬ 
ing.  40-hr  work.  Job/Interview 
Site:  Culver  City,  CA.  Send 
resume  to  Scalable  Network 
Technologies,  Inc.  6071 
Bristol  Parkway,  #  200,  Culver 
City,  CA  90230. 


Java  Application  Development: 

Develop  large-scale  Internet 
appls.  applying  OO  prog,  tech 
using  C/C++,  J2EE  JSP,  Servlet 
and  EJB  in  a  n-tier  client/server 
env.on  Win2000/NT  /  Unix;  for¬ 
mulate  detailed  design  specs  for 
further  development  of  appls.  in 
Weblogic  Server  using  XML, 
SQL,  Oracle,  and  ClearCase, 
and  interface  Oracle  to  Java 
appls.thru  JDBC/Swing;  develop 
client  side  GUI  screen  using 
JBuilder/JavaScript;  trouble¬ 
shooting.  tuning  and  debugging. 

Application  Testing 
Identify  data  scenarios/develop 
detailed  test  plans;  write  test 
script  using  SQA/Rational  Ro¬ 
bot,  ClearCase  and  ClearQuest 
and  complete  testing  life  cycle  of 
Web-based  GUI  appls.on  Win- 
2000/NT  /  Unix;  setup/convert 
data  on/from  AS/400  and  testing 
populated  data  in  Oracle  /  DB2 
with  SQL  query;  post  beta 
release  issues  and  QA  process. 

Data  Warehousing 
Develop  large-scale  decision 
support/ re  porting/analysis 
appls.  in  WinNT  /  Unix  env.  ap¬ 
plying  data  warehousing  tech.; 
create  datamarts  and  develop 
appls.  for  data  loading,  auditing 
and  report  generating  process 
on  Informix/Oracle  and  SQL 
server  using  Crystal  Reports, 
Business  Objects,  VB,  OLAP; 
design  web-based  data  report¬ 
ing  appls  w/  JavaScript,  VB¬ 
Script.  ASP,  JSP,  DHTML;  adhoc 
Unix  scripting,  troubleshooting, 
SQL  tuning  and  debugging. 

Multiple  positions  in  St.  Louis, 
MO  metro  area.  Require  BS/BA 
or  the  equivalent  in  Comp.  Sc., 
Engr.  MIS.  or  in  a  closely  related 
field. (will  accept  equ.  exp.)  Exp. 
required:  6  mon/jr.,  and  3  yrs./sr. 
positions,  and  must  be  able  to 
perform  all  the  duties  on  the  day 
of  employment.  Full  time.  Res¬ 
ume  to  Crawford  Group,  Inc.  at 
isjobs@erac.com  Ref:  122903G 
NO  CALL/EOE 


All  Stages 

Applications  Developer 

Design,  develop,  test,  imple¬ 
ment.  debug  and  support  propri¬ 
etary  business  computer  soft¬ 
ware  and  Visual  Basic  software 
programs  for  all  three  layers  of 
an  n-Tier  application,  configure 
COM  components  for  MTS,  read 
and  write  XML  messages  to 
MSMQ,  design  database  using 
Erwin  Case  tool,  and  create 
stored  procedures,  tables, 
views,  triggers  in  MS  SQL 
Server  7.0,  utilizing  a  full  range 
of  Rational  Rose  Tools  (Use 
Case,  Visual  Modeling,  etc.) 
user  interface  skills  (to  include 
VB  Script,  Java  Script,  MS 
Visual  Interdev  and  XML/XSL), 
business  layer  skills  (to  include 
COM/DCOM),  data  layer  skills 
(to  include  Oracle  RDBMS, 
PL/SQL,  MS  SQL  AND  T-SQL). 
Requires  Bachelor's  or  equiva¬ 
lent  level  degree  in  Computer 
Science,  Computer  or  Software 
Engineering,  MIS,  or  closely 
related  field  and  3  years  experi¬ 
ence  as  an  All  Stages  Appli¬ 
cations  developer.  Qualified  ap¬ 
plicants  must  presently  be  eligi¬ 
ble  for  permanent  employment 
in  the  United  States.  Successful 
applicant  must  be  able  to  per¬ 
form  job  duties  on  date  of  appli¬ 
cation.  40  hours  per  week,  over¬ 
time  as  needed  without  addition¬ 
al  compensation.  Position  is  with 
Bradford  &  Galt,  Inc.  in  St.  Louis, 
Missouri.  Send  resumes  to:  Ms. 
Kelli  Baruzzini,  4  City  Place 
Drive,  Suite  100,  St.  Louis,  MO 
63141.  EOE 


Distributed  Computer 
System  Analyst 

Developing  GIS  for  Property  Tax 
Administration,  designing  appli¬ 
cations  for  use  in  the  in-depth 
study  &  for  tax  roll  review 
process,  and  providing  technical 
assistance.  Req.  Master  degree 
in  GIS,  Comp.  Sci.  or  closely 
related  field,  1-yr  GIS  exp.  & 
proficient  in  ArcIMS,  ArcGIS  and 
SQL.  40  hrs/wk.  Send  resume 
/w  cover  letter  to  Patricia  R. 
Mitchell,  HR  Process  Manager, 
FL  Department  of  Revenue,  P. 
O.  Box  10410,  Tallahassee.  FL 
32302. 


For  over  20  years,  Syntei  employees  across  North  America,  Europe,  and 
Asia  have  helped  build  advanced  information  technology  systems  for  lead¬ 
ing  Fortune  500  companies  and  government  organizations  to  improve  their 
efficiency  and  competitiveness.  Today,  Syntei  professionals  are  building 
rewarding  careers  by  providing  solutions  in  e-business,  CRM,  Web  Design 
and  Data  Warehousing. 

Come  discover  why  Forbes  magazine  placed  Syntei  second  on  its  list  of 
“The  200  Best  Small  Companies  in  America"  and  Business  Week  ranked 
us  #1 1  on  its  list  of  Hot  Growth  Companies. 

Due  to  our  rapid  growth,  we  have  immediate,  full-time  opportunities  for 
both  entry-level  and  experienced  Software  Engineers,  Consultants, 
Programmers,  Programmer/ Analysts,  Project  Leaders,  Project  Managers, 
Supervisors,  Database  Administrators,  Computer  Personnel  Managers 
and  Computer  Operations/Account  Managers/ Account  Executives  with 
any  of  the  following  skills: 

Mainframe 

•  IMS  DB/DC  or  DB2,  MVS/ESA, 

COBOL,  CICS 

DBA 

•  ORACLE  or  SYBASE 

Client-Server/WEB 

•  Siebel 

•  Websphere 

•  Com/DCom 

•  Web  Architects 

•  Datawarehousing 

•  Informix,  C  or  UNIX 

•  Oracle  Developer  or  Designer  2000 

•  JAVA,  HTML,  Active  X 

•  Web  Commerce 

•  SAP/R3,  ABAP/4  or  FICO  or  MM 
&SD 


•  Focus,  IDMS  or  SAS 


•  DB2 


•  Oracle  Applications  &  Tools 

•  Lotus  Notes  Developer 

•  UNIX  System  Administrator 

•  UNIX,  C,  C++,  Visual  C++,  CORBA, 
OOD  or  OOPS 

•  WinNT 

•  Sybase,  Access  or  SQL  server 

•  PeopleSoft 

•  Visual  Basic 

•  PowerBuilder 

•  IEF 


Account  Executives,  Account  Managers  and 
Business  Development/ Account  Specialist 

positions  available. 

Some  positions  require  a  Bachelor's  degree,  others  a  Master's  degree.  We  also 
accept  the  equivalent  of  the  degree  in  education  and  experience. 

With  Syntei  (NASDAQ:  SYND,  you'll  enjoy  excellent  compensation,  full  benefits, 
employee  stock  purchase  plan  and  more.  Please  forward  your  resume  and 
salary  requirements  to:  Syntei,  Inc.,  Attn:  Recruiting  Manager-LDOI, 

525  E.  Big  Beaver,  Suite  300,  Troy,  Ml  48083.  Phone:  248-619-2800; 
Fax:  248-619-2888.  Equal  Opportunity  Employer. 
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SkyMark  Corp.  seeks  Computer 
Programmer  in  our  Pittsburgh, 
PA  loc.  Work  with  following  lan¬ 
guages  and  DBMS's:  C++, 
Java,  ColdFusion,  Tomcat, JSP, 
ASP,  SQL  Server,  Oracle, 
Access,  SPSS.  Implement  clini¬ 
cal  database  systems  to  sup¬ 
port  hospital  quality  and  pro¬ 
cess  improvement.  Work  with 
healthcare  data,  hospital  IT 
environment,  statistics,  and  GUI 
development.  Must  have  BS  in 
CS  or  related  field  +  4  yrs.  rele¬ 
vant  experience.  Resume  to 
SkyMark,  7300  Penn  Ave., 
Pittsburgh,  PA  15208. 


Senior  Programming  Analyst-40 
hrs/wk  9-5,  Comp.  Salary 
Offered,  in  Weston,  FL.  Req. 
Bachelor's  Degree  or  Equivalent 
in  Computer  Information 
Systems  +  1  yr.  exp.  in  job 
offered-Analyzing  the  computer 
system  requirements  &  conduct¬ 
ing  designing,  coding  &  imple¬ 
mentation  of  technical  solutions 
to  fulfill  requirements;  creating  & 
maintaining  Visual  Basic,  SQL, 
Access  and  web  based  applica¬ 
tions,  etc.  Send  resume  to  Bill 
Anderson,  CHCS  Services,  Inc., 
3050  Universal  Blvd.,  #150, 
Weston,  FL  33331. 


Programmer  Analyst  want¬ 
ed  by  IT  Consulting  Co.  in 
IL  to  dvlp,  test  &  implmt  cus¬ 
tom  s/ware  applies  in  Win  & 
UNIX  OS.  Req  Bach  or  its 
equiv  in  Comp  Sci,  Engg, 
Math  or  Sci  &  6  mos  exp  in 
job  offd.  Respond  to 
Rasheed  Quaraishi,  Pres¬ 
ident,  MAQ  Technologies, 
Inc.,  953  Plumgrove  Rd., 
Schaumburg,  IL  60173.  No 
calls. 


NetSoft  has  openings  for  IT  pro¬ 
fessionals.  Skills  in  COBOL  II, 
CICS,  MVS,  JCL,  VSAM  &  DB2, 
HTML,  Java,  PWB,  IIS.  JDBC. 
ASP.  JavaScript,  XML,  C/C++, 
Oracle  preferred.  Applicants 
must  have  BS/MS  or  equivalent. 
Travel  maybe  required.  Apply  at 
iobs@nstc.net.  EOE. 

Argent  LLC  is  looking  for  pro¬ 
grammer/system  analyst,  soft¬ 
ware/project  engineers.  Duties 
include  software  &  system  appli¬ 
cation  design.  Skills  in  C/C++, 
Java,  PL/SQL,  Oracle  are  plus. 
Travel  required  for  some  posi¬ 
tions.  Degree  is  a  must.  Contact 
achauhan@araentinfotech.com. 

EOE. 


S/W  Engineers  to  design,  de¬ 
velop/maintain  web  and  CRM 
appls  using  Java,  VB,  Oracle, 
Dev  2000,  SQL,  JSP,  Clarify 
Suite  of  Products,  Weblogic  on 
Windows  &  UNIX  OS;  provide 
training  &  user  support  for  the 
systems  and  related  appln  inter¬ 
nally  &  to  clients;  test,  debug 
and  modify  existing  software. 
Require:  MS  or  foreign  equiv  in 
CS/Engineering(any  branch)  & 
1  yr  exp.  in  IT.  F/T.  High  Salary. 
Travel  involved.  Resumes  to 
HR,  ABZ  Consulting,  Inc.,  2600 
Century  Prkwy,  Ste  100,  Atlanta, 
GA  30345. 


Prog/Analysts  (Job  40)  to  ana¬ 
lyze,  design  appls  using  C++, 
Java,  EJB,  JSP,  Jscript,  Serv¬ 
lets,  XML,  HTML,  Weblogic  Ser¬ 
ver,  Oracle,  under  Windows 
/UNIX  OS;  perform  unit,  func¬ 
tional,  integration,  regression  & 
systems  level  testing;  analyze 
user  reqs,  prepare  design  docu¬ 
ments;  develop/enhance  online 
&  batch  programs;  implement, 
install,  test,  debug  &  modify 
new/existing  appls.  Require:  BS 
or  foreign  equiv.  in  CS/Engg. 
(any  branch)/Math  &  2yrs  of  exp. 
in  IT.  F/T.  Resumes  to:  Pricilla 
Vickers,  Transplace,  509  Enter¬ 
prise  Drive,  Lowell,  AR  72745. 
Must  specify  on  cover  letter 
applying  to  Job  40. 


Megatech  International  is  a 
small  but  fast  growing  IT  compa¬ 
ny.  We  have  several  openings 
for  software/project  engineers 
programmers/system  analysts. 
Candidates  must  have  MS/BS 
degree  or  equiv.  with  experi¬ 
ence.  Attractive  wage  w/  full 
benefits.  Please  apply  at 
iobs@meaatech.com.  EOE. 

ShareBuilder  Corp.  (former 
Netstock)  has  position  for  DBA 
responsible  for  online  financial 
brokerage  service  using  Power- 
builder,  SQL  server.  Minimum 
requirement  is  bachelor  with 
experience  in  SQL.  Competitive 
wage  with  benefits.  Contact 
stevet@sharebuilder.com.  EOE. 


Software  Engineer 

Design/develop  appli¬ 
cation  software  and 
database  applications. 
MS  in  CS  or  related 
and  1  yr  exp  in  soft¬ 
ware  engineer  related 
work.  Resume  to  Ryan 
Hou,  LHP  Software, 
305  Franklin  St., 
Columbus,  IN  47201. 


Jr.  Systems  Administrator: 
Entry-level  position  to  perform 
general  administration  of  the 
MS  based  systems  &  LAN. 
Design  &  maintain  Co.  web 
sites  in  both  Eng.  &  Chinese. 
No  exp.  req.  Req.  B.Sc.  or  its 
foreign  degree  equivalent 
based  on  education  &  experi¬ 
ence  in  CS,  IT,  Systems 
Engineering  or  related  field. 
Resume  to:  Mgr.  American 
Wholesale,  Inc.,  389 
Veteran's  Memorial  Hwy. 
Mableton,  GA  30126 


Systems  Engineer:  Develop  & 
configure  systems  for  IBM  P- 
Series  systems,  SP.  Regatta 
with  AIX  certifications;  analyze  & 
determine  feasibility  of  design 
for  AIX  network  &  HACMP  con¬ 
figurations;  formulate/design 
software  systems  &  software 
testing  procedures  using  various 
industry  models.  Req  BS  or  for¬ 
eign  dgr  equiv  in  Systems 
Engineering  or  closely  related 
discipline  with  6  yrs  work  exp  as 
IT  Specialist  or  related  occupa¬ 
tion.  Send  resume  to  Paaridian 
Technologies,  Inc.  11375 
Southbridge  Pkwy,  Ste  100, 
Alpharetta.  GA  30022.  Ref  SS 


McData  Corporation  seeks 
applicants  for  the  position  of 
Software  Engineer  in 
Sunnyvale,  CA  to  design  and 
develop  robust  software  to  man¬ 
age  system  failure  and  applica¬ 
tion  fail  over/restart.  Require¬ 
ments  include  master's  degree 
in  computer  science,  engineer¬ 
ing,  math,  physics  or  related 
field  and  2  yrs  exp  working  as  a 
software  engineer  in  RAS,  fault 
tolerant  distributed  systems. 
Respond  by  resume  to  Pete 
Whittle,  McData  Corporation, 
380  Interlocken  Crescent, 
Broomfield,  CO  80027  and  refer 
to  JON  1 . 


Programmer/System  Analyst. 
Perform  duties  w /  the  Business 
Info.  Systems  (BIS)  group. 
Programming  support  for 
Amgen's  e-procurement  system 
(Ariba),  related  documentation 
activities,  &  other  programming 
support  as  necessary.  Req 
Master  in  Comp.  Sci.  or 
Industrial  Engineering  & 
Operations  Research  or  Related 
Technical  Field  &  1  yr  exp  in  job 
or  1  yr  exp  as  a  Consultant. 
Send  ad  &  resume:  Kyle  Foster, 
Amgen  Inc.,  One  Amgen  Center 
Dr.,  Thousand  Oaks,  CA  91320- 
1799  (jobsite).  Include  Ad#  03- 
489FV. 


Information  Systems  Analyst: 
Maintain  &  monitor  IMPACT  soft¬ 
ware;  develop  supplementary 
software  in  Microfocus  Cobol, 
Visual  Basic,  ODBC  with  Tran- 
soft's  Mmddyy  UDD  to  ensure 
integration  in  the  financial  & 
manufacturing  environment; 
maintain  the  communication's 
environment  using  Axxess-5. 
Req.  2  yrs  of  univ.  in  Technical 
discipline  or  closely  related  dis¬ 
cipline  with  2  years  of  work  exp 
in  job  offered  or  2  yrs  in  related 
occupation  as  Consultant  or  any 
suitable  combination  of  educa¬ 
tion,  training,  and/or  work  expe¬ 
rience.  Send  resume  to  A. 
Warmus,  ATR,  LLC.,  707  S. 
Erwin  St.,  Catersville,  GA  30120. 
Ref  WS. 


Systems  Analysts  with 
experience  in  complex, 
inter-operable  business  ap¬ 
plications,  Progress  4GL 
software,  and  other  tech¬ 
nologies  for  advanced  level 
positions  in  Montgomery, 
Alabama.  Send  resume  to 
Jay  R.  Smith  Mfg.  Co.,  Attn: 
Mike  Polis,  2781  Gunter 
Park  Dr.  East,  Montgomery, 
AL,  36109-0237.  Must  ref¬ 
erence  job  code  #ICDC. 
EOE. 


Software  Galeria,  Inc.  d/b/a 
Ascent  SGI  has  opportunities  in 
Purchase,  NY;  Canonsburg,  PA; 
&  Roselle,  IL  for  experienced 
Software  Engineers  and  Net¬ 
work/System  Admin  (multiple 
openings),  w/relevant  education 
and  experience,  additional  qual¬ 
ifications  needed:  ERP,  CRM, 
RDBMS  -  Oracle,  Sybase,  SQL 
Server,  DB2,  GUI  tools,  C/C++, 
VB  script,  .Net,  C#,  ASP,  J2EE, 
JSP,  JDBC  Java  script,  EJB, 
Web  sphere,  Weblogic:  HTML. 
DHTML,  XML,  VXML,  XSL, 
ERWIN  Admin  skills,  ASR/TTS, 
CTI,  Sun  Solaris,  HP-Unix,  Win. 
Environments.  Resumes:  2700 
Westchester  Avenue,  Suite  419, 
Purchase,  NY  10577. 


Systems  Analysts  (Job  60)  to 
analyze,  design  logistics  appls 
in  data  warehousing  envir  using 
Oracle,  VB,  PL/SQL,  Accessun- 
der  Windows  OSs;  analyze, 
conduct  studies  to  design  sys¬ 
tems  for  cost  reductions  and 
process  improvements;  support- 
business  intelligence  andmetric 
reporting;  integrate,  transform 
data  used  for  management 
analysis  and  decision  support. 
Require:  B.S.  in  CS/Engg  (any 
branch)  or  related  field  and  2  yrs 
exp  in  job  offered.  MS  in  any  of 
the  above  will  also  be  accepted. 
F/T.  Resumes  to:  Priscilla 
Vickers,  Transplace,  509  Enter¬ 
prise  Drive,  Lowell,  AR  72745. 
Please  specify  job  60on  cover 
letter. 


Sure 

Computerworld, 
InfoWorld,  and 
NetworkWorld, 
Help  You  Do  A 
Better  Job. 

Now  Let  Us  Help 
You  Get  One. 


Check  us  out  at: 
www.itcareers.com 

or  call  (800)  762-2977 


IT  Education  &  Training  Directory 


Contact  the  companies  listed  below 
to  help  you  with  your  training  needs! 


IPexpert,  Inc. 

(866)  225-8064 

www.ipexpert.com 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  IP  Telephony 


To  place  your  ad  please  call  800-762-2977 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 


Transcender 

(615)  726-8779 
www.transcender.com 
Award-winning  practice  exams 
for  IT  certification 
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HOW  IT  WORKS 


Grid  iron 


Hewitt  Associates  was  spending  too  much 
on  mainframe  cycles  for  one  of  its 
applications,  so  it  linked  it  to  a  grid 
system  and  is  reaping  performance 
benefits.  A  look  at  how  it  works: 


O  A  user  logs  on  to  an  HR  Web  site  and  asks  for  model  payout  for  retirement  at  a  certain  age. 

©  A  request  is  sent  to  the  main  benefits  administration  application,  which  in  turn  sends  the 
request  to  the  calculation  engine.  In  the  past,  both  applications  ran  on  IBM’s  z/OS  on  Hewitt’s 
Parallel  Sysplex  Mainframe  Cluster.  The  unpredictable  load  for  the  calculation  engine,  however, 
required  expensive  computing  power  out  of  the  Sysplex. 

©  Hewitt  moved  the  calculation  engine  to  a  grid  of  IBM  blade  servers.  When  the  benefits 
administration  package  gets  a  retirement  modeling  request,  grid  software  from  DataSynapse 
determines  which  blade  servers  are  available  and  sends  the  calculation  workload  to  those. 


©  The  grid  sends  the  calculation  back  to  the  benefits  administration  application  on  the  Sysplex, 
which  delivers  results  to  the  end  user. 


Grid 

continued  from  page  1 

While  grid  computing  remains 
largely  the  purview  of  scientific 
and  research  communities,  He¬ 
witt  is  part  of  a  growing  move¬ 
ment  among  mainstream  organi¬ 
zations  to  exploit  the  technology 
to  improve  the  efficiency  of  IT 
resources  and  boost  application 
performance.  Grid  computing, 
which  has  received  increased 
attention  as  talk  heats  up  around 
various  utility  computing  tech¬ 
nologies,  basically  uses  surplus 
computing  power  to  run  distrib¬ 
uted  or  parallel  application 

Qwest  offers 
global  voice 
services 

■  BY  JIM  DUFFY 

Qwest  last  week  announced 
international  voice  services  for 
businesses,  including  direct-dial 
switched  and  dedicated  long-dis¬ 
tance  calls  from  the  US.  to  more 
than  250  destinations  worldwide. 

Rates  start  at  2  cents  per  minute 
for  some  calling  destinations, 
such  as  Canada  and  Mexico. 

The  services  also  include 
Qwest  worldcard,  a  calling  card 
for  business  travelers,  and  inter¬ 
national  toll-free  service  from 
more  than  50  countries.  With  this 
service,  businesses  can  chose  to 
have  different,  localized  toll-free 
numbers  from  different  countries 
or  the  same  number. 

Qwest  already  offers  interna¬ 
tional  data  and  IP  services,  such 
as  ATM,  dedicated  Internet 
access,  frame  relay  private  line 
and  VPNs,  through  interconnec¬ 
tion  agreements  with  other 
carriers. 

Customers  that  bundle  their 
services  under  one  Qwest  con-  J 
tract  may  receive  special  promo¬ 
tions  on  their  international  long¬ 
distance  services.  ■ 


More  online! 


Read  more  about  the  equipment  that  con¬ 
nects  the  enterprise  to  carrier  services. 
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workloads. 

Even  today  corporations  using 
grid  technology  tend  to  be  manu¬ 
facturing  companies;  pharma¬ 
ceutical  companies  doing  com¬ 
putationally  intensive  modeling 
and  simulation  work;  and  finan¬ 
cial  firms  focused  on  processor- 
heavy  data  analysis  applications, 
experts  say 

A  survey  of  180  companies  last 
summer  by  research  firm  Summit 
Strategies  found  that  4%  of 
respondents  had  implemented  a 
grid, and  12%  were  currently  eval¬ 
uating  the  technology  Half  of  the 
respondents  said  they  didn’t  have 
a  timeline  for  when  they  might 
deploy  grid  technology,  and  18% 
said  they  expected  serious  grid 
evaluations  to  be  at  least  a  year 
away  About  a  quarter  of  the  re¬ 
spondents  said  they  expected 
grid  to  be  either  extremely  impor¬ 
tant  or  very  important  in  their  IT 
infrastructure  during  the  next 
three  years. 

Vendors  such  as  IBM,  HP  Oracle 
and  Sun  all  view  grid  computing 
as  a  key  part,  if  not  the  foundation 
of  utility  computing,  where  cor¬ 
porate  resources  are  pooled  as  a 
unit  that  grows  and  shrinks  in 
response  to  business  demands. 
But  when  it  comes  to  business 
applications,  grid  computing  is 
still  in  its  early  stages. 

“You’ve  got  this  basic  challenge 
that  not  every  flavor  of  applica¬ 
tion  and  information  processing 
benefits  from  the  CPU  load  bal¬ 
ancing  kinds  of  characteristics  of 
grid  computing,”  says  Mary 
Johnston  Turner,  vice  president 
and  practice  director  at  Summit. 
“If  you’ve  got  particularly  transac¬ 
tional  applications,  there’s  really 
no  business  case  right  now  to  put 
them  into  a  grid  environment.” 

But  the  trend  is  moving  in  that 
direction.  The  Global  Grid  Forum 
(GGF)  has  worked  to  create  spec¬ 
ifications  to  make  it  easier  for 
transaction-focused  enterprise 
applications  to  operate  within  a 
grid.  The  Open  Grid  Services 
Architecture,  developed  by  the 
GGpis  now  focused  on  integrating 
grid  standards  with  Web  services. 

Grid-focused  companies  made 
inroads  last  week  in  San  Fran¬ 
cisco  at  GlobusWorld,  a  confer¬ 
ence  organized  by  The  Globus 
Alliance, which  created  the  open 
source  Globus  tool  kit  designed 
for  building  grids.  IBM,  along 
with  Akamai  Technologies,  The 
Global  Alliance,  HP  SAP  Sonic 
Software  and  Tibco,  introduced 
three  Web  service  specifications 
designed  to  support  event-notifi¬ 
cation  infrastructure  for  Web  ser¬ 
vices  that  can  be  integrated  with 
grid  computing. 


The  new  specifications  provide 
“a  foundation  for  the  Open  Grid 
Services  Architecture,”  IBM  said  in 
a  statement. 

Industry  observers  say  adoption 
of  standard  specifications  such  as 
those  IBM  and  its  partners  put  for¬ 
ward  will  be  the  catalyst  for  more 
widespread  adoption  of  grid 
computing.The  ability  to  manage 
workloads  and  monitor  and 
charge  back  for  resource  usage, 
as  well  as  enhanced  security 
capabilities,  will  be  important  for 
corporate  deployments  and  for 
specifications  to  continue  to 
evolve,  analysts  say 

At  the  same  time,  grid  vendors 
are  rolling  out  consulting  and 
professional  services  to  help  cor¬ 
porate  customers  understand 
and  design  appropriate  grid  envi¬ 
ronments.  Vendors  also  are  grid¬ 
enabling  other  key  offerings:  IBM 
added  grid  capabilities  to  its 
WebSphere  application  server 
last  year,  and  Oracle  is  rolling  out 
its  grid-enabled  lOg  line  of  infra¬ 
structure  products,  including  the 
Oracle  Database  lOg,  the  Oracle 
Application  Server  lOg  and 
Enterprise  Manager  lOg  Grid 
Control. 

But  more  than  just  technical 
barriers  to  grid  computing  re¬ 
main.  A  study  of  50  companies 
conducted  last  year  by  grid  soft¬ 
ware  vendor  Platform  Computing 
found  that  89%  of  respondents 
considered  organizational  poli¬ 
tics  the  biggest  roadblock  to  grid 
deployments. 

“Inside  these  corporations  you 
have  a  huge  IT  infrastructure 


that’s  been  built  up  by  depart¬ 
ment,  by  lines  of  business,  so  they 
become  very  siloed,”  says  Ian 
Baird,  chief  business  architect  at 
Platform  Computing.“We  spend  a 
lot  of  time  with  our  clients  silo- 
busting  because  you  have  people 
that  are  effectively  ‘server  hug- 
gers.’  They  don’t  want  to  let  go 
and  share  their  resources 
because  they  feel  they’ll  lose  con¬ 
trol,  lose  budget  and  lose  priority 
over  their  work.” 

But  Baird  says  grid  middleware 
from  companies  such  as  Data¬ 
Synapse  and  Platform  provides 
users  the  ability  to  manage 
workloads  across  the  shared 
resources. 

“When  customers  start  to 


understand  grid,  understand  how 
it  works  and  understand  things 
like  the  intelligent  rules-based 
engines  in  Platform’s  technology, 
they  see  they  can  manage  and 
have  that  control,  but  still  share 
resources,”  he  says. 

Nevertheless,  most  businesses 
are  taking  first  steps  with  grid. 
Hewitt  started  off  with  a  dedicat¬ 
ed  grid  running  one  application, 
instead  of  tapping  into  unused 
CPU  cycles  on  servers  or  desk¬ 
tops  running  other  applications. 

“There  was  all  this  stuff  about 
service-level  management  that  I 
was  a  little  concerned  about  that 
says,  if  I’m  using  this  whole  grid 
made  up  of  scavenging  cycles 
from  other  computers,  how  do  I 
know  at  any  given  time  how 
much  horsepower  is  going  to  be 
available  for  me  and  wouldn’t 
that  cause  an  erratic  perfor¬ 
mance  environment,”  Kaberon 
says. 

Last  year,  Hewitt  began  working 
with  IBM’s  Design  Center  for 
e-Business  on  Demand  to  create 
a  grid  architecture  Kaberon  felt 
comfortable  with.  Now  he  says 
he’s  ready  to  consider  putting  a 
composed  print  application  on 
the  grid  and  see  how  sharing  the 
resources  will  work. 

“The  issues  we  need  to  work 
through  with  [grid  middleware 
vendor]  DataSynapse  are  what’s 
the  right  way  to  manage  the  work 
so  this  much  horsepower  is 
always  available  for  the  calcula¬ 
tion  engine,  this  much  for  the 
print  application  and  then  let’s 
keep  a  pool  of  resources  so  that 
whoever  needs  them  can  come 
and  get  them,”  he  says.  ■ 
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The  affordable  way  to  automate  your  systems  management 

No  steep  learning  curve.  No  special  training.  No  wonder  so  many  system  administrators 
are  raving  about  new  Sitekeeper  3.0!  With  its  amazingly  simple  interface,  you  can  easily 
manage  and  distribute  software  patches  and  updates,  track  license  compliance,  and 
inventory  hardware  and  software  -  all  within  minutes  of  installation.  You'll  be  amazed  at 
the  time  you  save.  Imagine  never  having  to  perform  manual  machine-by-machine 
updates  and  inventories  again! 

And  that's  just  the  start.  Sitekeeper  doesn't  require  dedicated  servers  or  expensive 
databases,  so  it  easily  fits  in  your  budget.  Sitekeeper  runs  on  any  NT/2K/XP  machine  and 
manages  clients  running  any  version  of  Windows,  from  95  to  Server  2003.  Install . 
Sitekeeper  and  start  managing  right  away.  Cut  out  complexity  and  increase  productivity 
with  NEW  Sitekeeper  3.0! 

It's  everything  except  complicated! 


DOWNLOAD  FREE 

SITEKEEPER  3.0TRIALWARE  NOW: 
www.executive.com/nwsk3 1 
or  call  1-800-829-6468  Ext.:  4258 
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BackSpin 


Ads  infinitum 


Every  pop-up  has  other  pop-ups 
Even  though  we  don ’t  invite  'em 
And  those  pop-ups  make  even 
more 

And  so  on  ad  infinitum. 

—  with  apologies  to 
Augustus  de  Morgan 


There’s  been  a  lot  of  discussion  recently  about 
pop-up  ads  on  Web  pages  —  you  know,  those 
browser  windows  that  spring  up  (or  under  —  yes, 
yes,  1  know  they  are  pop-unders,  but  work  with  me 
people)  when  you  go  to  certain  sites. 

However  you  look  at  them,  these  things  are  amaz¬ 
ingly  annoying. They  always  seem  to  come  in  waves 
and  killing  one  usually  generates  another,  and  yet 
another. 

For  some  time  there  have  been  pop-ups  that 
spawn  browser  windows  that  try  to  stay  hidden 
(pop-outs?). These  pop-outs  generate  new  visible 
pop-ups  when  you  kill  off  a  visible  pop-up  in  an 
attempt  to  stay  “in  your  face.”This  tactic  seems  to 
have  started  with  pornography  sites  but  has  been 
filtering  out  into  mainstream  advertising. 

Whether  you  are  for  or  against  pop-ups 
depends  on  where  you  sit  in  the  Internet  food 
chain  —  advertisers  and  advertising  executives 
seem  to  be  “for”  while  the  rest  of  the  world  would 


Mark  Gibbs 


vote  “against.” 

Now  some  of  you  advertising  people  out  there 
might  bristle  at  my  characterization  of  the  rest  of 
the  world  being  against  pop-ups,  but  there  is  evi¬ 
dence  to  back  this  up:  A  GartnerG2  consumer  sur¬ 
vey  of  2,667  Internet  users  conducted  in  July  2002 
found  that  78.3%  of  respondents  called  pop-up  ads 
“very  annoying”  and  12%  use  ad-blocking  software. 

So,  why  are  pop-ups  still  being  used  if  a  significant 
number  of  people  hate  them?  Simple,  it  is  because 
they  work.  On  average,  the  click-through  rates  for 
pop-ups  are  almost  twice  that  of  banner  ads 
(although  1  have  seen  it  theorized  that  this  is 
because  users  don’t  know  how  to  get  rid  of  them 
and  click  in  the  pop-up  window  by  accident  caus¬ 
ing  a  click-through  to  be  registered).  People  who 
sell  advertising  also  like  pop-up  ads  because  they 
cost  at  least  twice  as  much  as  banner  ads. 

What  has  really  stimulated  the  discussion  on 
the  future  of  pop-ups  is  the  forthcoming  release 
of  Microsoft’s  Internet  Explorer  with  built-in  pop¬ 
up  suppression.  No  matter  that  you  can  do  the 
same  thing  with  any  number  of  add-on  utilities, 
that  the  feature  is  built  into  the  Opera  Web 
browser  and  that  the  Google  tool  bar  kills  ’em  off 
very  nicely  and  for  free.  Nope,  with  Microsoft 
showing  that  it  is  willing  to  go  to  bat  on  behalf  of 
consumers  the  death  knell  for  pop-ups  can  be 
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heard  in  the  distance. 

Of  course,  that  leaves  a  vacuum,  a  thing  that 
nature  and  advertisers  abhor.  So  with  the  alacrity 
that  can  only  be  achieved  when  large  amounts  of 
money  are  at  stake,  coming  soon  to  a  Web  browser 
on  your  desktop  will  be  television-style  advertising 
videos.This  will  mean  that, should  you  happen  to 
visit  MSN,  ESPN,  Lycos  or  iVillage  in  the  near  future, 
you  can  expect  to  see  these  kinds  of  ads  from 
Pepsi,  AT&T,  Honda, Vonage  and  Warner  Brothers. 

The  video  ads  are  provided  by  technology  from  a 
company  called  Unicast.The  commercials  are 
loaded  in  the  background  and  then  displayed 
when  the  user  tries  to  move  to  a  new  page. The  dis¬ 
play  is  claimed  to  be  television  quality  even  for 
dial-up  users,  and  Unicast  says  the  system  is 
immune  to  pop-up  blockers. 

A  Pepsi  execudroid  quoted  in  The  New  York  Times 
said: “Yes,  it’s  intrusive.  But  I  think  customers  will 
like  it,  because  it  will  be  so  far  superior  to  anything 
they’ve  seen  online.”  Ohhh,when  the  revolution 
comes,  baby  . . . 

When  these  ads  appear  1  will  offer  a  prize  of  $100 
to  the  first  person  to  create  an  effective  blocking 
tool. 

If  you  would  like  to  contribute  to  the  prize  fund, 
drop  a  line  to  backspin@gibbs.com. 


By  Adam  Baffin 

Novel  ways  to  beat  spam,  porn 

Here’s  proof  that  high  tech  pervades 
everything,  including  religion: 

First,  a  photo  (see  www.nwfusion.com,  DocFinder:  9427)  showing  Japanese  busi¬ 
nessmen  holding  “a  service  aimed  at  fending  off  viruses  and  glitches  for  their 
computers  in  a  purification  ceremony  conducted  by  a  Shinto  priest." 

Then,  there's  the  story  from  Israel  (DocFinder:  9428)  about  a  rabbi  who  has  com¬ 
posed  a  prayer  for  surfers  who  find  themselves  on  porn  sites:  "Please,  God,  help 
me  cleanse  the  computer  of  viruses  and  evil  photographs  which  disturb  and  ruin 
my  work  ...  so  that  I  shall  be  able  to  cleanse  myself  [of  sin].” 


From  the  romance  help  desk 

Desperate  writes  the  help  desk:  “Last  year  1  upgraded  from  Boyfriend  5.0  to 
Husband  1.0  and  noticed  a  distinct  slowdown  in  the  overall  performance,  particu¬ 
larly  in  the  flower  and  jewelry  applications,  which  operated  flawlessly  under 
Boyfriend  5.0.  In  addition,  Husband  1.0  uninstalled  many  other  valuable  programs, 
such  as  Romance  9.5  and  Personal  Attention  6.5  and  then  installed  undesirable 
programs  such  as:  NFL  5.0,  NHL  4.3,  MLB  3.0  and  NBA  3.6.  Conversation  8.0  no 
longer  runs,  it  simply  crashes  the  system.  I’ve  tried  running  Nagging  5.3  to  fix 
these  problems,  to  no  avail.  What  can  I  do?” 

Read  the  help  desk’s  answer  at  DocFinder:  9430. 

Saving  lives  with  collaborative  software 


Stop  the  madness 

Raymond  Chen  doesn’t  want  phone  books.  He  finds  it  easier  to  look  things  up 
online.  But  Qwest  keeps  delivering  them  to  his  house,  no  matter  how  many  times 
he  calls: 

“Yes,  we  have  you  marked  as  ‘do  not  deliver.’” 

"So  why  did  I  get  one?” 

“This  wasn’t  one  of  our  standard  phone  books. This  was  a  promotional  phone 
book.” 

“Aha,  so  when  you  say  'do  not  deliver’  it  doesn’t  actually  mean  ‘do  not  deliver.’  It 
just  means  ‘don’t  deliver  the  one  that  I  am  specifically  complaining  about.’  But 
there’s  this  double-secret  phone  book  delivery  list  that  you  have  to  specifically 
ask  to  be  removed  from,  and  we're  not  going  to  tell  you  about  it  until  you  ask. 

Please  remove  me  from  the  promotional  phone  book  delivery  list  as  well." 

“I'm  sorry,  I  can't  do  that. There  is  no  way  for  us  to  enter  that  in  our 
computers.. . 

Read  his  complete  account  at  DocFinder:  9429. 


Michael  Helfrich  spent  a  month  in  Iraq  last  fall  and  writes  about  the  value  of  a 
collaborative  geographic-information-system  application  (based  on  work  by 
Groove  Networks  and  InfoPatterns)  that  lets  humanitarian  groups  plot,  and  avoid, 
the  locations  of  attacks  (DocFinder:  9431):  "Consumption  of  geospatial  data  is 
one  thing.  Having  a  tool  that  allows  me  to  consume  and  capture  data  when  riding 
in  a  Chevy  Suburban  across  the  Iraqi  desert  is  game-changing.  Securely  sharing 
that  data  when  I  reconnect  to  the  net  when  I  return  to  base  camp  saves  lives." 

My  first  Linkedln  spam 

A  couple  of  weeks  ago,  I  signed  up  for  Linkedln  mainly  just  to  see  how  this 
Friendsterforthe  corporate  set  works.  I’ve  gotten  two  invitations  to  link  to  some¬ 
body.  One  was  from  a  Weblog  acquaintance  in  Boston  who  works  in  IT  (greetings, 
Greg!). The  other  was  from  a  financial  adviser  whom  I  would  never  have  any  rea¬ 
son  to  ever  meet  in  real  life,  as  far  as  I  can  tell.  Have  you  tried  Linkedln?  If  so, 
what’s  your  experience  been?  Have  you  gotten  anything  out  of  it?  DocFinder:  9432. 

'Net  Buzz  returns  next  week.  But  you  can  keep  reading  Compendium  online  at 
napps.  nwfusion.  com/ compendium/. 
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The  NetVanta  3000  Series  from  ADTRAN . 


Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

$$$ 

Stateful  Inspection  Firewall 

✓ 

sss 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Quality  of  Service  (QoS) 

✓ 

✓ 

VLAN  Trunking 

✓ 

✓ 

Virtual  Private  Networking  (VPN) 

s 

$$$ 

Dial  Backup 

$ 

sss 

PBX  Connectivity 

$ 

$$$$$ 

Unlimited  Telephone  Support 

✓ 

sss 

Free  Maintenance  Releases 

✓ 

Not  Available 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  T1  voice  and  data  communications 
for  50%  less  than  you’re  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  100 %  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sai  e),  free  maintenance  upgrades , 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router 
today.  And  start  getting  more  out  of  your  router  dollar. 

Why  pay  more? 


Test  your  CLI  knowledge!  Receive  a  free  T-Shirt! 

www.  adtran.  com/in  fo/wh  ypa  ymore 


877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRANT  AdIrah 
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The  right  management  can  put  you  in  control  of  your  infrastructure, 
not  the  other  way  around. 

Unicenter®  Infrastructure  Management  Software 

So  long,  mayhem.  Managing  on-demand  computing  is  here.  Unicenter  infrastructure  management  software  lets  you  take  control 
of  your  infrastructure  so  you  can  be  more  responsive  to  business.  With  automation  and  self-healing  capabilities  Unicenter  can 
help  control  costs  and  empower  you  to  do  more  with  less.  Unicenter  also  lets  your  infrastructure  react  to  changes  in  real  time, 
so  your  IT  and  business  priorities  are  always  in  sync.  Finally,  it  is  based  upon  a  service-oriented  architecture  that  simplifies 
your  IT  environment,  so  your  infrastructure  is  easier  to  manage.  To  learn  how  to  get  more  value  out  of  your  infrastructure, 
or  to  get  a  white  paper,  go  to  ca.com/infrastructure. 


